In this episode of The Jon Myer Podcast, we tackle the critical issue of cybersecurity in healthcare with Jeff Warren, Chief Product Officer at Netwrix. With healthcare organizations increasingly becoming targets for cyberattacks, Jeff shares insights on why these institutions are vulnerable and how they can better protect sensitive patient data.A staggering 84% of healthcare organizations faced cyberattack attempts last year. Jeff explains how attackers repeatedly exploit the same vulnerabilities - from identity management weaknesses to third-party security gaps - and offers practical solutions that go beyond basic HIPAA compliance.We also explore how cloud adoption and AI implementation are creating new security challenges for healthcare organizations. Jeff discusses the dangers of "shadow AI" and why simply meeting regulatory requirements isn't enough to prevent breaches in today's complex digital landscape.Whether you're an IT professional in healthcare or simply interested in how your medical data is being protected, this episode provides valuable insights into building truly resilient security systems in an industry where data protection is literally a matter of life and death.## YouTube Timeline0:00 - Introduction to healthcare cybersecurity discussion with Jeff Warren0:15 - Why healthcare organizations are prime targets for cybersecurity attacks0:40 - Alarming statistics: 84% of healthcare organizations targeted by cyberattacks1:32 - Multiple account vulnerabilities and third-party security challenges2:04 - The Move IT breach example and importance of vendor management3:18 - How employee turnover impacts third-party security management3:59 - Supply chain attacks and the "worm-type" behavior seen with SolarWinds4:53 - HIPAA/HITECH regulations and evaluating security beyond basic compliance5:47 - Why compliance should be viewed as "the floor, not the ceiling"6:40 - Navigating multiple cybersecurity frameworks and implementation challenges7:07 - Benefits of the NIST framework's prescriptive security guidance7:55 - Problems with organizations focusing on minimum compliance requirements8:11 - Moving employee security training beyond basic phishing awareness9:03 - Managing different types of insider threats in healthcare9:37 - Importance of understanding your unique environment and security risks10:38 - Cloud-based and AI-driven technologies in healthcare11:06 - Cloud adoption challenges and security considerations12:04 - Cloud misconfigurations leading to data breaches13:11 - The risks of "shadow AI" and unauthorized AI tool usage14:14 - Providing secure AI alternatives for healthcare staff14:23 - AI training and protecting sensitive data from external exposure15:14 - Public vs. private LLMs and implementing proper security boundaries16:33 - Risks of AI systems exposing data beyond intended access permissions17:14 - Developing proper skill sets for cloud and AI security management18:22 - Closing remarks and outro🔔 Don't forget to Like, Subscribe, and hit the notification 🔔 ✔ Subscribe: https://www.youtube.com/jonmyer/?sub_confirmation=1📱 Social Media Twitter: https://twitter.com/_JonMyerWebsite: https://jonmyer.comLinkedIN: https://www.linkedin.com/in/jon-myer/Spotify: https://open.spotify.com/show/0wjJzdIwctq4o4pTXM2KSFLike my sounds? Here's my audio source: https://www.epidemicsound.com/referral/fj9o9k#aws #awscloud #podcast #podcasting #costoptimization #finops #cloudcost #cloudoptimization