Healthcare’s Monthly Cyber Briefing

Looking Back and Moving Forward: A Candid Conversation with Health Sector Coordinating Council Leaders

Join us for Clearwater’s January Cyber Briefing, where Steve Cagle, CEO of Clearwater, will deliver the first critical threat briefing of 2025, spotlighting the latest cyber risks targeting healthcare organizations. Expect more than just headlines — you’ll walk away with in-depth data and practical recommendations for today’s security landscape.

Then, in a special fireside chat, Steve Cagle will talk to special guests Erik Decker, Outgoing Chair of the Health Sector Coordinating Council (HSCC) and Vice President and CISO for Intermountain Health, and Chris Tyberg, Incoming Chair and CISO of Abbott Laboratories. In this candid conversation, Erik will reflect on his tenure leading the HSCC through some of the most turbulent cybersecurity years in healthcare, including landmark breaches and rapid technological evolution. Chris, having served as Vice Chair, will share his vision as he steps into the role of Chair, offering a glimpse into the HSCC’s strategic priorities moving forward.

Expect an engaging discussion on what the healthcare sector has learned from a year marked by intense challenges and significant breaches. Have organizations adapted? Are we more resilient? Have we addressed critical vulnerabilities and single points of failure? And what about the future — how will artificial intelligence shape our cybersecurity landscape in 2025?

Erik Decker, Vice President and Chief Information Security Officer for Intermountain Health, brings 24 years of IT experience, including 17 focused on cybersecurity. As co-lead of the Department of Health and Human Services (HHS) 405(d) Task Group, he helped craft the “Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients” (HICP) 2023 Edition. Recognized nationally for his leadership, Erik has testified before Congress and played a key role in shaping healthcare cybersecurity policy.

Chris Tyberg, Chief Information Security Officer at Abbott Laboratories, leads enterprise-wide cybersecurity efforts. With over a decade of leadership at Abbott and St. Jude Medical, Chris has been instrumental in driving innovative security strategies and fostering industry collaboration to strengthen healthcare’s cyber resilience.

This webinar is your chance to learn directly from two of the healthcare cybersecurity sector’s top leaders. Join us for a forward-looking, thought-provoking conversation designed to equip you with insights and strategies that can shape your organization’s security posture in the year ahead.

The Return of OCR Audits: What It Means and How to Prepare for Potential Action 

The Office for Civil Rights (OCR) indicated last year that they would initiate a new round of HIPAA Audits, and we have confirmation that audits are indeed happening across the healthcare industry. The 2024-2025 HIPAA Audits will review 50 covered entities’ and business associates’ compliance with selected provisions of the HIPAA Security Rule most relevant to hacking and ransomware attacks. 

Andrew Mahler, Clearwater’s Vice President of Privacy & Compliance Services and a former OCR investigator, will join Iliana Peters, a distinguished expert in data privacy and security and a former senior official at HHS, for our February Cyber Briefing. Together, they will provide insight into OCR’s goals for this new round of audits, their potential impact on the proposed updates to the HIPAA Security Rule, broader efforts to regulate healthcare cybersecurity practices, and how organizations can best prepare for the possibility of being audited. 

Andrew and Iliana’s discussion will follow Clearwater CEO Steve Cagle’s review of the latest known threats targeting healthcare organizations and other cybersecurity developments that healthcare leaders should be monitoring.  

Early 2025 Vulnerability Trends and the Future Data Encryption Risk Hackers are Betting On Now

Drawing on Clearwater’s field experience providing vulnerability management services, Clearwater Corporate CISO and CTO of Managed Security Services team Steve Akers will share our latest insight on the key issues that healthcare organizations face across their diverse environments. In addition, Cybersecurity Consulting team leader Dave Bailey will discuss harvest now decrypt later (HNDL) attacks and how organizations should be thinking about this emerging risk.

These topics will follow Steve Cagle’s review of new threats and regulatory developments over the past month and recommendations for how to respond.

Lessons From the Field: Cybersecurity Trends Across the Healthcare Ecosystem

From attacks on hospitals that have disrupted operations for weeks to attacks on suppliers that have halted the critical flow of blood across an entire region of the country and the flow of financial information across much of the industry, healthcare’s cybersecurity practices and resiliency have been put to the test in a very profound way over the past year. While teams have risen to the challenge heroically time and again, the events of the last 12 months have underscored some important realities that every healthcare organization must face:

• We function as an interconnected ecosystem and an attack on one entity can quickly impact thousands of others
• The rapid recoverability of IT resources is vital to safeguarding patient care

Our April Cyber Briefing will feature an expert panel of senior Clearwater consultants who work across the healthcare ecosystem. They will share lessons learned from their work with hospitals and health systems, physician practice management groups, and healthcare technology companies and discuss cybersecurity trends we are seeing in different sectors that can have ripple effects across the industry.

The discussion will be moderated by Clearwater CEO Steve Cagle and follow Steve’s review of the latest cybersecurity threats and regulatory developments impacting healthcare organizations.

Alliance Agenda: A Discussion on HSCC’s Vision for Advancing Healthcare Cybersecurity

On April 2nd, Gregory Garcia, Executive Director of the Healthcare and Public Health Sector Coordinating Council (HSCC) Cybersecurity Working Group, testified before the House Energy & Commerce Oversight Subcommittee. The message: Real progress in cybersecurity requires robust public-private collaboration toward smarter, more effective cyber policy where government and industry work together to strengthen healthcare’s digital resilience and patient safety. Shortly after, HSCC released Forward Path 2025, a coordinated set of recommendations that offer a constructive alternative to the HIPAA NPRM and a roadmap for federal support of cybersecurity in healthcare. Join Lisa Munro, Director of Marketing at Clearwater, and former HHS 405(d) Engagement Lead as she sits down with Garcia for a candid conversation about the future of healthcare cybersecurity policy. This discussion promises to provide an in-depth look at the intersection of government action and industry innovation, exploring what recent developments mean for the sector and how stakeholders can navigate the changing landscape.  

Their conversation will follow Steve Cagle’s monthly review of the latest cybersecurity threats and regulatory developments impacting the healthcare sector.

Info coming soon!

Info coming soon!

Info coming soon!

Info coming soon!

Info coming soon!

Info coming soon!

Info coming soon!