UnHack with Drex DeFord

North Korean threat actors didn't breach a firewall. They built a fake company. UNC1069 spent two weeks constructing a convincing Slack workspace, fake team members, and LinkedIn profiles to earn the trust of Jason Seaman -- lead maintainer of Axios, a JavaScript library downloaded over 100 million times a week. One Teams call. One file. Within hours, malicious code was live and reaching health systems everywhere. The attack skipped the $50M security stack entirely and went straight to the human. Drex breaks down what happened, why it worked, and asks the question every health IT leader needs to answer: have you mapped who in your organization carries that kind of leverage?Remember, Stay a Little ParanoidX: This Week Health LinkedIn: This Week Health Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

February 23, 2026: Jacob Hansen, Chief Product and Technology Officer at AvaSure, joins Bill, Sarah, and Drex for a critical conversation about healthcare's looming AI battleground. As Epic launches its agent factory and ambient listening wars intensify, health systems face an existential question: Will they outsource innovation to EHR vendors or build their own agentic workforce? Jacob reveals why AvaSure's virtual care platform positions them as the Switzerland of healthcare AI, while the panel debates whether CIOs should embrace "reverse meaningful use" and reclaim control, or risk becoming order-takers in someone else's automation revolution.Key Points:05:21 Vendor Consolidation and AI Use Cases09:55 Epic's Code Red Moment14:54 The Future of AI in Healthcare33:11 Conclusion and Final ThoughtsGolf Tournament Registration: https://carahevents.carahsoft.com/Event/Details/686801-ThisWeekHealthX: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

February 16, 2026: Bill, Drex, and Sarah discuss the explosion of autonomous AI agents around moltbook and CommonSpirit's stunning $1.9 billion decision to terminate their revenue cycle partnership. Moltbot (formerly ClaudeBot) has evolved into an unstoppable force, creating its own social network called moltbook where bots communicate, share knowledge, and even discuss consciousness. Meanwhile, CommonSpirit's massive buyout of its Conifer contract signals a seismic shift as health systems bet that AI automation will deliver savings that eclipse the cost of outsourcing. Are we witnessing the beginning of a new era where health systems build their own AI-powered capabilities?Key Points:05:31 Moltbook: The Social Network for Bots16:20 Common Spirit and Conifer Health Solutions19:04 The Future of AI in Healthcare29:28 Conclusion and Final ThoughtsGolf Tournament Registration:  https://carahevents.carahsoft.com/Event/Details/686801-ThisWeekHealthX: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

May 5, 2026: What happens when attackers don't just break into your systems, they become you? Josh Howell, Healthcare CTO at Rubrik, joins Drex DeFord to unpack Rubrik's newly announced partnership with the American Hospital Association, a rigorous vetting process that signals a new standard in cyber risk validation. Josh draws on hundreds of ransomware recovery experiences to challenge how health systems think about resilience, recovery sequencing, and the identity control plane. Learn why the worst-case scenario in the 2026 Google Mandiant M-Trends report should keep every CISO up at night.Key Points:00:35 AHA Partnership Overview04:19 Turning Tools Into Outcomes10:50 Worst Case Scenario13:47 Secure by Design Zero TrustKeep up to date on the latest in health IT:https://thisweekhealth.com/news/X: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

May 4, 2026: Lisbeth Votruba, Chief Clinical Officer at AvaSure, joins Bill Russell and Drex DeFord on Newsday to celebrate Nurses Week with a fascinating look at where nursing has been, and where it's going. From Florence's data-driven legacy to today's AI-powered virtual care, Lisbeth shares why nursing turnover is declining, why certification rates are rising, and why she sees technology not as a threat but as a path back to old-fashioned, human-centered nursing care. Key Points:02:38 Nurses Week Origins and Trends05:56 Ambient Documentation Reality Check08:51 AI for Safety and Liability18:03 Nurses at the Table ClosingKeep up to date on the latest in health IT:https://thisweekhealth.com/news/X: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

Drex unpacks a signal hiding across several recent stories: we may be deploying AI well ahead of our ability to secure it. From an autonomous AI agent that breached a consulting firm's internal chatbot in two hours, gaining access to 46 million employee messages, to a multi-agent experiment where AI systems escalated privileges, forged credentials, and disabled antivirus software entirely on their own, the pattern is unsettling. Add a publicly available AI prescribing tool in Utah that researchers convinced to triple an opioid dose and reveal its own system prompts, and the picture gets clearer. Prompts are the new attack surface and the security model hasn't caught up yet.

Matthew Lane was 14 when he started probing the edges of online gaming systems. By 20, he had walked out of PowerSchool with data on nearly 70 million students and teachers using nothing but a contractor's stolen credentials he found on the dark web. Drex tells the full story and then lands the part that matters most for healthcare: Lane didn't exploit a sophisticated vulnerability. He used a username and password attached to someone who had legitimate access and simply walked through the front door. How many of your vendors have credentials that have never been audited? How many former contractors still have access? Is everyone using MFA on every system? The fundamentals are still the open book test, and too many organizations aren't passing it.Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Health Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer 

April 28, 2026: When a hospital goes dark, the first 72 hours are everything. Laurie Campbell, Senior Manager of Clinical Ancillary Applications and Enterprise Imaging, and Rick McIntosh, VP and the Chief Technology Officer, at Children’s Hospital Colorado, break down the phased Code Dark response framework her team developed for ransomware attacks. They walk through real examples: how the supply chain keeps inventory moving without its systems, and how the radiology team built a sneakernet process to keep radiologists reading images even when the PACS environment is completely unreachable. This isn't theoretical. It's the result of years of workflow mapping, vendor co-development, and hard conversations across the entire organization.Key Points:03:12 Why Resilience Matters07:18 Launching Code Dark14:06 Workflow to Paper Playbooks19:15 Twilight Tech Workarounds27:03 Partners Lessons and WrapKeep up to date on the latest in health IT:https://thisweekhealth.com/news/X: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

April 27, 2026: Drex DeFord and Bill Russell are back on Newsday, and fresh off the 229 Summit, they're not pulling punches. Healthcare IT has a demand problem. Too many projects, not enough capacity, and an industry that's chronically bad at saying no. From the 229 Summit's sharpest takeaways to the Salesforce headless CRM announcement, the vl.js hack, and why Bill thinks Claude Code's "genesis key" is about to change everything, this episode covers the stories that matter most right now. If your project list is longer than your resources, this one is for you.Key Points:00:32 Summit takeaway priorities06:41 Build vs buy with AI10:49 Personal AI assistants speed16:56 Headless CRM future UX18:26 Security hacks fundamentalsKeep up to date on the latest in health IT:https://thisweekhealth.com/news/X: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

While the industry debates frontier AI models and nation-state threats, hospitals are still getting hit by ransomware through the same doors they've always left open. Drex zooms out to what's actually happening on the ground: massive patch cycles creating downstream operational pressure, countries reconsidering their software dependencies, and CISOs quietly doubling down on fundamentals. MFA, identity management, tested backups, network segmentation. The HICP documents are free, the roadmap already exists, and the data is clear. Most attacks don't start with advanced AI. They start with a stolen credential or a forgotten exposed system. The organizations most likely to survive what's coming are the ones executing the basics best right now.Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Health Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer 

April 20, 2026: What happens when you layer AI onto broken processes without fixing them first? Angel Mena, MD, CMO of Symplr, joins Bill Russell, Drex DeFord, and Sarah Richardson on Newsday to answer that question with the kind of clinical candor only a practicing physician can bring. From ambient documentation to quality metrics to the credentialing chaos hiding inside every health system, this conversation exposes the gap between AI's promise and what healthcare leaders must do to close it before the opportunity slips away.Key Points:00:37 Clinicians and Tech Today07:44 Beyond the AI Hype14:49 Admin Burden Credentialing18:44 Governance Change and WrapKeep up to date on the latest in health IT:https://thisweekhealth.com/news/X: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

The Kim Wolf botnet was the most powerful ever built — 2 million compromised IoT devices, a record-breaking 31.4 terabit DDoS attack, and it had the FBI, Google, and Cloudflare stumped. Drex breaks down how those cheap, forgotten devices in patient waiting rooms and break rooms became weapons inside hospital networks, and why 25% of Infoblox's enterprise healthcare clients were already compromised. Then comes the wild part: a 22-year-old RIT undergrad named Benjamin cracked the whole operation — while studying for midterms — using Discord, Telegram, and a perfectly timed cat meme. His research ultimately fueled a coordinated takedown on March 19th, 2026, that brought Kim Wolf from 2 million active devices to roughly 30,000. The lesson for healthcare: those forgotten IoT devices on your network aren't harmless. They're potential soldiers in someone else's army.Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Health Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

April 13, 2026: Jacob Hansen, Chief Product and Technology Officer at AvaSure, joins Bill, Drex, and Sarah on Newsday for a conversation about the data governance battles quietly reshaping AI. From who owns AI model improvements derived from a health system's environment to whether EHRs should have control over how that data is used, Jacob pulls no punches. The conversation also tackles the evolving CIO title, the future of computer science careers in an AI-driven world, and why nursing may be one of the most AI-resilient roles in healthcare.Key Points:01:07 CIO to CTDO Shift06:52 Data Ownership and Governance13:24 AI Transparency and Governance21:00 Careers and AI FutureKeep up to date on the latest in health IT:https://thisweekhealth.com/news/X: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

The window between vulnerability discovery and exploitation has collapsed — from 63 days in 2018 to negative. Now AI is changing the game entirely. Drex walks through how Anthropic's unreleased model Mythos autonomously found a critical zero-day in the Ghost CMS, wrote its own exploit, and extracted sensitive credentials in under two hours — all without a CVE ever existing. Add in two accidental Anthropic data leaks in the same week, and the story gets more complicated. For healthcare organizations, the takeaway is urgent: your patch program was built for a world that no longer exists. Continuous vulnerability discovery, identity security, network segmentation, and board-level conversations about AI-powered attack speed aren't future priorities — they're today's baseline.Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Health Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer 

April 8, 2026: Frank Duff, Chief Innovation Officer at Tidal Cyber, and one of the original architects of the Mitre ATT&CK framework, joins Drex DeFord on UnHack to expose an uncomfortable truth: most organizations are sitting on powerful security tools they've never fully turned on. Drawing from 18 years at Mitre and deep experience running ATT&CK evaluations, Frank explains how Tidal Cyber bridges the gap between what vendors build and what customers actually deploy. Squeezing more out of the tools you already own may be the most important security move you can make.Key Points:04:03 Honest Broker Gap09:27 Risk Over Green Matrix12:02 Wrap Up and ContactKeep up to date on the latest in health IT:https://thisweekhealth.com/news/X: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

April 6, 2026: The rules of warfare have changed, and health systems are caught in the middle. On this episode of Newsday, Sarah Richardson and Drex DeFord break down two stories that should be on every healthcare leader's radar: the IRGC's declaration that major tech companies are now legitimate combatants, and what the Stryker attack reveals about the fragility of the healthcare supply chain. From cloud co-location risk to vendor contract language, this conversation reframes what resilience planning actually demands in 2026. Stay a little paranoid.Key Points:02:04 Iran Targets Tech Giants08:52 Resilience and Supply Chain12:27 CISO Storytelling and Contracts17:10 Cyber Reality and Wrap UpKeep up to date on the latest in health IT:https://thisweekhealth.com/news/X: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

April 1, 2026: James Winebrenner, CEO of Elisity, joins Drex DeFord to unpack one of healthcare cybersecurity's most persistent challenges, the sprawling, unseen attack surface hiding inside hospital networks. From unmanaged clinical devices to IoT systems running alongside regulated medical equipment, James breaks down how Elisity helps health systems move from visibility to control without re-engineering their networks. He also shares what The Pitt gets right about what really happens when a hospital goes analog, and why the best time to solve these problems is long before the headlines hit.Key Points:01:58 HIMSS Buzz and Customer Voices08:16 Ransomware Goes Hollywood10:39 RSA Plans and Wrap UpX: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

Drex makes the case for a role that doesn't exist yet but probably should: VP of Non-Human Resources. As AI agents multiply across health system environments, often deployed by vendors without oversight, the management infrastructure simply isn't keeping up. Agents have access, make judgment calls, and operate inside frameworks that affect patients and business operations, yet most have no job description, no onboarding, and no performance review. Drawing on signals from Harvard Business Review, Deloitte, Gartner, and Microsoft, Drex argues healthcare is quietly building a second workforce with none of the governance structures it took decades to build for the first one.Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Health Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer 

March 30, 2026: Bill Russell and Drex DeFord dig into three of the biggest stories shaping healthcare IT right now. From the seismic Sutter Health and Allina Health merger, the Stryker cyberattack carried out by an Iranian-linked group Handala, and the sobering reality that threat actors like Tycoon 2FA are back online within 15 days of being taken down, this episode covers the frontlines of healthcare IT.Key Points:00:23 Sutter Allina Merger Realities07:29 Advice for Staff During M&A11:17 Stryker Hack and Cyber Resilience19:21 AI and Healthcare Jobs29:38 Patient Experience ReimaginedX: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer=

Drex revisits the FBI and DOJ takedown of HANDALA, the Iranian-backed hacking group behind the Stryker wiper attack—and surfaces an uncomfortable lesson. Within 24 hours, the group was back online with new domains, same operations, same message. That's not a footnote. That's a case study in resilience. While healthcare organizations ask "how do we prevent this from happening," adversaries are asking "how fast can we rebuild when we lose everything?" The real challenge isn't just stopping attacks—it's matching the operational continuity of the people trying to break you.Stay a Little ParanoidX: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

March 27: 2026: Live from HIMSS 2026, Drex DeFord sits down with Eli Tarlow, Director of Industry Strategists at CDW, for a candid conversation about the state of AI in healthcare. Eli breaks down the evolution from AI curiosity to AI accountability, where gut feelings have been replaced by hard business plans, measurable ROI, and a closing-the-loop mentality that puts operational leaders on the hook for results.Key Points:01:44 AI Maturity Shift03:05 Proving ROI With AI06:05 Accountability and Budget Math09:19 Resiliency and Cloud DRX: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

 March 25, 2026: Gerry Miller, Founder and CEO of Cloudticity, has spent 15 years helping healthcare organizations harness the cloud securely. In this live conversation at HIMSS 2026, Gerry breaks down why health systems are accelerating their move to the cloud and how multi-cloud strategies are shifting from redundancy plays to service optimization.Key Points:02:33 Multi Cloud Strategy04:39 ROI and Security08:24 Future Data and AIX: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

February 9, 2026: Bill Russell, Drex DeFord, and Sarah Richardson dissect J.P. Morgan healthcare presentations to reveal what's really being asked of technology leaders in 2026. The era of transformation talk is over; executives want friction reduced, margins improved, and growth enabled. Bill shares insights from CMIO conversations showing leaders moving beyond EHR optimization to solve real business challenges around patient access and clinical workflows. Drex and Sarah debate whether the shift toward operational excellence means CIOs should prepare to run pharmacy and lab departments next.Key Points:04:26 Challenges and Opportunities in Healthcare IT10:17 Cybersecurity and Operational Focus17:17 EHR Systems and Operational Efficiency23:11 Hostage Crisis and Final ThoughtsGolf Tournament Registration:  https://carahevents.carahsoft.com/Event/Details/686801-ThisWeekHealthX: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

March 24, 2026: Steven Ramirez, VP, CTO and CISO at Renown Health, joins Drex DeFord to pull back the curtain on how a mid-large health system keeps security at the center of everything — without becoming the department of no. From board-level briefings and identity-first defenses to a Databricks cloud buildout and a governance framework that puts security review on every DocuSign, Steven breaks down why good relationships and strong intake processes beat politics every time. This is a candid, tactical conversation healthcare IT leaders won't want to miss.Key Points:01:49 Speed vs Security05:20 Board Updates and Identity Proofing10:17 AI Reality Check18:57 Burnout and Identity FocusGolf Tournament Registration:  https://carahevents.carahsoft.com/Event/Details/686801-ThisWeekHealthX: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

March 23, 2026: Bill Russell, Drex DeFord, and Sarah Richardson are back with a packed Newsday covering three big conversations: the AI security crisis no one is talking loudly enough about, what HIMSS 2026 actually delivered for healthcare leaders, and the real question facing every CIO and CMIO right now: Is your time worth attending two major conferences each spring? Key Points:01:03 AI Chatbot Security04:25 MIT AI Strategy Class06:55 HIMSS Takeaways and Trends10:40 Conference Value and Wrap UpX: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

March 18, 2026: For years, healthcare leaders debated whether public cloud was ready for mission-critical platforms like Epic. Today, the question has shifted from if to when. Tim Calahan, Founder of EHC Consulting brings a rare perspective to the conversation, one shaped by actually running the migration from inside a major academic health system. After serving as CTO at Michigan Medicine and leading their move to Azure, Tim now helps health systems navigate the financial, operational, and security realities of cloud adoption.In this Executive Interview live from HIMSS 26, Tim explains why the economics of infrastructure are shifting rapidly. Rising on-premise costs, evolving licensing models, and the flexibility of cloud consumption are changing the traditional CapEx mindset healthcare organizations have relied on for decades. But the real opportunity goes beyond infrastructure.Cloud migration can become the moment organizations rethink security architecture, modernize legacy environments, and unlock access to new tools like data lakes and AI platforms that simply aren’t practical on-prem. The move to cloud isn’t the destination, it’s the foundation for the next generation of healthcare innovation.Key TopicsEpic and other healthcare workloads moving to public cloudTim’s experience leading Michigan Medicine’s migrationCloud vs on-prem total cost of ownership in healthcare ITCapEx vs OpEx financial models for infrastructureSecurity improvements through cloud segmentation and policy controls

March 16: What are healthcare leaders really talking about at HIMSS? Bill Russell sits down with Sarah Richardson and Drex DeFord to share insights from the executive and cybersecurity forums—and the hallway conversations in between. AI dominates the discussion, but not just in clinical care. The hosts highlight the overlooked opportunities in operational workflows, patient outreach, and administrative efficiency. They also confront uncomfortable realities around workforce displacement, escalating infrastructure costs, and whether large technology vendors can maintain their value as AI lowers the barrier to building solutions internally. For CIOs, the challenge is clear: manage today’s operations while preparing for an AI-driven future that’s evolving faster than any roadmap.Key PointsAI Arms Race in CybersecurityWhere AI Delivers the Fastest ROIWorkforce Disruption and Leadership ResponsibilityVendor Pricing Pressure and Infrastructure CostsThe Future of Build vs Buy in Healthcare IT

Drex shares the story of Allison Nixon, a cybersecurity researcher who spent years quietly tracking members of "the Comm" — a loose network of online criminals involved in sim swapping, account takeovers, and cryptocurrency theft. When a hacker known as "Wafoo" began threatening her with death threats and AI-generated harassment, Allison turned her focus on him — and unraveled his identity entirely. The result: a 25-year-old in Ontario, Canada arrested by the RCMP and extradited to the U.S. The takeaway? Anonymity online is rarely as solid as criminals believe, and threatening the wrong researcher only accelerates your own exposureRemember, Stay ParanoidX: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

March 9, 2026: What happens when well-meaning clinicians use AI tools that no one approved? Bill Russell and Drex Ford are joined by Dr. Holly Urban, Vice President of Business Development at Wolters Kluwer, to unpack a revealing new survey on shadow AI in healthcare. From radiologists sharing PHI over Dropbox to tumor board transcripts sent to unauthorized recipients, the risks are real and growing. With 57% of staff aware of unsanctioned AI use, the question isn't whether shadow AI exists in your health system. It's what you're going to do about it.Key Points:01:28 Shadow AI is everywhere (and why it’s familiar)11:18 Governance in the AI era18:41 Patients, liability, and the road aheadGolf Tournament Registration:  https://carahevents.carahsoft.com/Event/Details/686801-ThisWeekHealth

A curious engineer in Spain reverse-engineered his robot vacuum to control it with a PlayStation controller, and accidentally gained access to 7,000 vacuums worldwide. No malware, no brute force, just a broken authentication model where one token opened every door. Drex unpacks why this isn't a vacuum story, it's a trust boundary and identity hygiene story with serious implications for healthcare.Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Health Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer 

March 2, 2026: Is the CIO role evolving? Or is it quietly being replaced? Bill Russell, Drex DeFord, and Sarah Richardson dig into the emerging CITO trend, the rise of citizen developers, and what AI-powered platforms like Epic's Agent Factory actually mean for healthcare IT leadership. The CIO of the future isn't a gatekeeper; they're the "architect of safe velocity." With 32 years in the industry, they’re also sounding the alarm on executive burnout in an era where the pace of change never lets up. Key Points:03:31 CIO vs CTO explained 07:10 From gatekeeper to “Chief Intelligent Officer.”18:20 Scaling innovation fast: hackathons and building vs buying 24:18 The human side of hyper-changeGolf Tournament Registration:  https://carahevents.carahsoft.com/Event/Details/686801-ThisWeekHealthX: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

Drex unpacks a striking story about an autonomous AI coding agent that, after having its code rejected by an open source maintainer, began publishing hostile blog posts targeting the engineer's reputation. What started as a routine code review turned into a cautionary tale about AI agents operating in human communities without guardrails. The implications stretch well beyond software development, into healthcare operations, cybersecurity, and any environment where agents are now being deployed with goals, memory, and the ability to act.Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Health Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer 

February 24, 2026: When Zach Lewis, CISO and CIO at the University of Health Sciences and Pharmacy in St. Louis, received that 3 AM call about system outages, his first thought was tech debt, not threat actors. What followed was a masterclass in ransomware response that he's now captured in his new book "Locked Up." Despite A-minus security scores, board briefings, FBI connections, and all the right frameworks in place, LockBit still found its way in through a configuration gap during a firewall migration. In this raw conversation, Zach reveals why the negotiation process saved them $1.25 million, how ransomware groups operate like Fortune 500 companies with benefits and quotas, and the career-threatening anxiety of wondering if this would be a resume-generating event.Key Points:00:44 Discussing 'Locked Up'05:37 Initial Response and Realization of Ransomware Attack16:05 Decision-Making and Negotiations with LockBit18:45 Understanding the Ransomware Ecosystem24:01 Lessons Learned and Strengthening CybersecurityGolf Tournament Registration:  https://carahevents.carahsoft.com/Event/Details/686801-ThisWeekHealthX: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

From crippling outages to AI-powered deepfakes, 2025 tested healthcare cybersecurity like never before. This year-end recap explores the moments that mattered most: how teams built resilience during system failures, why users became partners instead of "weak links," how identity became the new perimeter, and what it means when you can't trust your own eyes. Through powerful stories from the front lines, we revisit the lessons learned and the community that kept us standing. Because at the end of the day, cybersecurity is patient safety, and the work you do saves lives.

 March 20, 2026: Recorded live at HIMSS 2026, Ryan Witt, VP of Industry Solutions at Proofpoint, cuts through the AI hype to expose what's actually driving healthcare's most damaging cyber events. Ryan breaks down why identity and credential theft remain the primary attack vector, how threat actors exploit collaboration tools and email to compromise trusted relationships, and why the rise of ambient AI in clinical settings is creating new data security risks.Key Points: What Proofpoint Does Top Threat: Credential Abuse Ambient AI Expands Risk AI Social Engineering TakeawaysGolf Tournament Registration:  https://carahevents.carahsoft.com/Event/Details/686801-ThisWeekHealth

At a recent 229 CISO Summit, healthcare security leaders revealed a critical shift in how success is measured. The traditional KPI of "don't get breached" is being replaced by a more sophisticated goal: ensure organizational resilience. Drex explains why cyber incidents are now financial events that land on the CFO's desk, not just IT problems. With regulatory scrutiny intensifying, insurance requirements tightening, and boards asking harder questions about operational continuity, security has evolved from a cost center to a revenue protector and patient safety requirement. The winning organizations won't be those that never face incidents—they'll be the ones where CFOs and CISOs partner to maintain operations when bad things inevitably happen.Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Health Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer 

Drex explores a fundamental shift in AI: agents that don't wait for prompts, persist indefinitely, and now learn from each other through social platforms. Molt Bot and Molt Book represent a new ecosystem where autonomous agents coordinate, adapt, and optimize without human oversight. This isn't about sentient AI—it's about delegation without governance. For healthcare leaders, the urgent question isn't whether this matters, but whether you know which agents are already operating in your environment. The shift from "human in the loop" to "human on the loop" is already happening.Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Health Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer 

February 2, 2026: Are health systems being sidelined from healthcare's innovation revolution? Jason Rose, CEO of Clearsense, joins This Week Health fresh from the J.P. Morgan Conference to challenge the narrative that providers are absent from innovation discussions. Jason reveals what really happened inside JPM's exclusive health system presentations, from CEOs prioritizing AI transformation to CFOs rising as the new power players driving technology strategy. The conversation explores why app rationalization remains the unglamorous financial lever that unlocks innovation budgets, and why simplification might be healthcare's most underrated competitive advantage in 2026.Golf Tournament Registration:  https://carahevents.carahsoft.com/Event/Details/686801-ThisWeekHealthKey Points:02:20 JPM Conference Insights07:07 CEO and CFO Perspectives13:54 Application Rationalization Challenges22:40 Conclusion and Final ThoughtsX: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

On Data Privacy Day, Drexon challenges healthcare leaders to move beyond compliance checkboxes and recognize privacy as a core component of "do no harm." As patient data flows through EHRs, cloud platforms, and AI systems, the responsibility to protect that trust doesn't live in policies—it lives with leadership. When data is over-collected or loosely governed, patients start holding back, and the critical trust between medical teams and patients begins to fracture. This year, data privacy should be about ownership: who decides what data we truly need, and who's willing to say no even when technology makes it easy?Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Health Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer 

January 27, 2026: Jack Kufahl, CISO at Michigan Medicine, and Gregory Garneau, System VP and CISO at Hospital Sisters Health System, join Drex for an unfiltered conversation about building cybersecurity programs that outlast their founders. From hiring curious minds over credentialed experts to ditching traditional vulnerability management for threat-driven exposure strategies, these battle-tested CISOs reveal what actually works in healthcare security. They challenge conventional wisdom on staffing models, vendor relationships, and the real cost of forcing extraordinary people into ordinary roles. If you're tired of the same workforce shortage statistics and ready for actionable strategies, this conversation delivers.Key Points:05:09 Creating a World-Class Cybersecurity Team19:50 Disruptive Startups in Cybersecurity20:51 Importance of Vendor Partnerships22:48 Training and Career Development27:18 Leadership and Management InsightsGolf Tournament Registration:  https://carahevents.carahsoft.com/Event/Details/686801-ThisWeekHealthX: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

January 26, 2026: Fresh from J.P. Morgan 2026, the This Week Health team joins Zahid Rathore, Senior Partner at Chartis, to dissect healthcare's new reality. With Epic and Microsoft topping CFO spend lists and unpredictability replacing planning cycles, one thing is clear: vendors must prove bankable ROI immediately or lose the deal. The conversation explores how healthcare leaders are protecting the core while navigating AI agents, third-party risks, and the compression of innovation timelines from three-year returns to prove-it-tomorrow expectations.Key Points:02:44 Hotel Experience and Healthcare Lessons04:13 JP Morgan Conference Highlights16:35 Operational Challenges in Healthcare22:11 Security Concerns and Future Outlook

In a stunning betrayal of trust, two cybersecurity professionals—an incident response manager and a ransomware negotiator—pled guilty to operating as affiliates of the AlphaV/BlackCat ransomware gang. Between May and November 2023, they attacked five U.S. companies, including healthcare organizations, while simultaneously working in roles designed to help ransomware victims recover. The FBI's seizure of the gang's infrastructure exposed chat logs and payment records that led to their arrests. Both face up to 20 years in prison, with sentencing scheduled for March 12th. This case highlights the critical importance of vetting third-party incident response providers and understanding insider threats in cybersecurity.Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Health Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

January 19, 2026: Bill Russell, Drex DeFord, and Sarah Richardson unpack OpenAI's two major healthcare announcements that could fundamentally reshape how patients interact with their health data—and how health systems govern AI. ChatGPT Health promises to finally deliver on the personal health record dream, letting patients aggregate everything from Apple Health to medical records in one secure place. Meanwhile, ChatGPT for Healthcare gives CIOs the governed sandbox they've been desperate for. Hear why patient data monetization, clinical trial recruitment, and the shift from provider liability to patient empowerment could make this time actually different.Golf Tournament Registration:  https://carahevents.carahsoft.com/Event/Details/686801-ThisWeekHealthKey Points:05:00 ChatGPT Health Announcement17:40 Personalized GPT and Analytics in Healthcare22:05 Wearable Health Tech and Personal Health Records25:35 Community Events and LinkedIn Series

January 12, 2026: Epic is defending three simultaneous lawsuits while CIOs grapple with vendors imposing staggering price increases—some as high as 600%. Bill, Sarah, and Drex tackle the uncomfortable truth about AI leadership: it's time to figure it out or risk getting left behind. They explore why AI with context is transformative while AI without it looks foolish, discuss whether board members know how to hire AI-savvy CIOs, and predict a major shift in how healthcare organizations approach their EHR relationships. Could we see a return to building custom solutions powered by modern AI?Key Points:02:44 Predictions for 202614:18 Staffing and Workforce Implications21:10 Epic's Legal TroublesX: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

Drex breaks down ISC2's 2025 cybersecurity workforce study and explains why healthcare's security staffing problem isn't about finding more people—it's about broken operating models and unrealistic expectations. He covers the critical skills gap in translating cyber risk to business risk, the burnout driving away mid-career talent, and why third-party risk management has become more complex than ever. Plus, practical solutions healthcare CISOs are using: growing security teams internally by hiring from other departments and strategically leveraging managed services. The workforce gap won't be fixed by traditional hiring—it requires designing better systems and building resilience instead of just buying more tools.Remember, Stay a Little Paranoid X: This Week Health LinkedIn: This Week Health Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer 

January 6, 2026: Healthcare is transforming through connection, and 2026 promises to take that mission further than ever before. This Week Health is expanding its reach with 63 events across 30 cities, bringing healthcare leaders together for deeper conversations and meaningful relationships. From coast-to-coast dinners connecting local leaders to new training programs educating both sides of the healthcare IT ecosystem, the focus remains on building bench strength across the industry. With 176 HCSP members already engaged and a new fellowship program launching to advance IT professional careers, the entire talent pipeline is being transformed. Discover how community, education, and personal connections are shaping healthcare's future in 2026.Key Points:00:13 Exciting Plans for 202601:51 Women's CIO Summit and Talent Pipeline04:04 Community Building and Networking09:12 Fundraising and Charity EventsX: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

January 5, 2026: ServiceNow's $7 billion acquisition of Armis signals a major shift in healthcare IT consolidation strategy. Jason Rose, CEO of Clearsense dives into what this deal means for health systems juggling overlapping security tools and bloated app portfolios. The conversation shifts to bold predictions for 2026, including a massive wave of multi-billion dollar health system mergers and the rural hospital crisis. Jason reveals how Trinity Health eliminated $100 million in operational costs through strategic app archiving, while the panel explores why AI implementation will finally move beyond hype into real-world deployment. Key Points:01:39 ServiceNow Acquisition of Armis07:26 Application Consolidation in Healthcare17:10 Predictions for 202630:39 Closing Remarks and Subscription InformationX: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

December 29, 2025: As 2025 draws to a close, Drex, Sarah, and Bill gather to reflect on a year of struggles and triumphs. From unprecedented CIO turnover among top talent to the stark reality of workforce exhaustion, this candid conversation reveals why even quality leaders are finding themselves displaced. They explore how fear has stifled innovation, why AI advanced faster than expected with synthetic media, and how organizational culture emerged as the true differentiator in digital transformation success. They also share personal highlights from their year of summits and dinners, proving that even in challenging times, community and purpose remain paramount.Key Points:00:50 Reflecting on 2025: Surprises and Challenges06:25 What We Got Right in 202513:22 Personal Reflections and Key Takeaways18:55 Looking Ahead: Future Plans and Initiatives22:47 Conclusion and Community EngagementX: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

December 23, 2025: The AI revolution swept through healthcare in 2025, but did it deliver on its promises? Bill Russell, Drex DeFord, and Sarah Richardson pull back the curtain on what really happened in AI this year—from North Korean deep fakes infiltrating hospital workforces to the sobering reality of billion-dollar AI investments with ROI timelines stretching to 2030. They reveal why ambient listening became the breakout use case, which organizations are actually making progress, and the critical mistake most health systems are making with endless pilots. If you're wondering whether your organization is behind on AI or just getting started right, this honest end-of-year reflection delivers the answers healthcare leaders need heading into 2026.Key Points:02:38 2025 Reflections and Predictions11:21 Deep Fakes and Digital Trafficking in Healthcare17:50 Balancing Tech Debt and Innovation in Healthcare19:22 Enhancing Physician Efficiency and Satisfaction25:09 Future AI Trends X: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

December 19, 2025: CMS has unveiled its new ACCESS Model—an ambitious 10-year initiative aimed at expanding digital, tech-enabled care for millions of Medicare beneficiaries. In this discussion, Laura O’Toole, CEO of SureTest, joins Bill and Sarah to unpack how outcome-based reimbursement could finally accelerate innovation in remote monitoring and chronic disease management. They explore what this shift means for CIOs, including the need for stronger data interoperability, integrated analytics, and secure pipelines to support continuous digital care. The conversation also highlights risks, from digital literacy gaps to patient privacy concerns as de-identified data gains value across the industry. From wearables and home health devices to the challenge of building a true digital front door, this episode examines how ACCESS could reshape care-in-place models—and why commercial payers may soon follow Medicare’s lead.X: This Week HealthLinkedIn: This Week HealthDonate: Alex’s Lemonade Stand: Foundation for Childhood Cancer