In Scope - The Healthcare Security Podcast

In this episode, Mike welcomes John Hammond, a cybersecurity researcher, educator, and content creator. Join us as they break down the hard work, grit, and patience required to become a hacker, much different from the fantasy world portrayed in TV and movies.

In this episode, Mike welcomes Nina Alli, Co-Founder and Executive Director of the Biohacking Village at DEF CON. Join us as they talk about what's new and exciting in this year's Biohacking Village. Nina notes the addition of a real word hospital simulation where each medical device exists as a system of connected devices.

In this episode, Mike welcomes Joshua Motta, CEO & Co-founder of Coalition, a cyber insurance company. Join us they talk about the ins and outs of cyber insurance. How does it work? How is it different from traditional insurance? Joshua talks about Coalition's brand of insurance as "active insurance", providing broader coverage for all of the ways technology can go wrong in your organization.

In this episode, Mike welcomes Kareem Zaki, General Partner with Thrive Capital. Join us as they discuss the importance of investing in healthcare cybersecurity as healthcare is quickly becoming the #1 breached industry. Also, Mike drops the big news of Scope Security's $20 million Series A funding led by Thrive Capital.

In this episode, Mike welcomes hacker enthusiast, IppSec, currently working at Hack The Box. Join us as they discuss the importance of understanding how hackers think to defend and withstand attacks. In his training videos, IppSec prefers to go beyond methodology and encourage critical thinking and reasoning when approaching hacking, noting hackers have to go beyond the apparent.

In this episode, Mike welcomes Wolfgang Goerlich aka "Wolf" Advisory CISO at CISCO. Join us they discuss the tendency within security to disregard the human element leading to a lack of adhering to security protocols and rather a working around those protocols. When this happens, we see a correlation to a human need not being met. If that is understood and considered, the result is the development of much better security products all around.

In this episode, Mike welcomes Danny Akacki, Scope's newly appointed Director of Customer Success. Join us as they talk about how the security industry intersects with many other communities like healthcare and ICS, to name a few. These communities are full of individuals and groups very passionate and connected to the mission behind their work.

In this bonus episode, Mike shares updates about the exciting developments coming from Scope Security and looks back at the recurring cybersecurity topics of this past year, both on our podcast and out in the world! Of course, it wouldn't be an end-of-year episode without 2022 predictions. Thank you for tuning in this year! We're excited to bring you more exciting topics and conversations in the coming year.

In this episode, Mike welcomes Suchi Pahi, a data privacy and cybersecurity attorney. Join us as they talk about the complexities of implementing and understanding HIPAA particularly for organizations brand new to the healthcare space.

In this episode, Mike welcomes Pranav Patel, CEO of MediTechSafe. Join us as they discuss how leaders within organizations need to be focused not just on digital transformation, big data, and innovation. They must instill the importance of cybersecurity within the top ranks for this mindset to trickle down.

In this episode, Mike welcomes Maxie Reynolds, founder of Subsea Cloud. Join us Maxie shares some of the key principles, laws, and insights behind her book, The Art of Attack: Attacker Mindset for Security Professionals.

In this episode, Mike welcomes Matt Clapham, Product Cybersecurity Leader at Johnson Controls. Join us as they discuss the need for hardware manufacturers to adopt a new economic model in order to keep the software installed in these devices up to date and thus more secure.

In this episode, Mike welcomes Hugh Tower-Pierce, newly appointed CISO of Zocdoc. At the time of our interview, Hugh held the position of CISO at Oscar Health and shared thoughts on the importance of empowering and enabling security executives within organizations.

In this episode, Mike welcomes MDs Christian Dameff and Jeff Tully, founders of the CyberMed Summit, a two-day conference that brings clinicians, security researchers, and medical device manufacturers to discuss advances in healthcare cybersecurity. Join us as they discuss the far-reaching and often devastating domino effect created by cybersecurity attacks on medical facilities.

In this episode, Mike welcomes Mifan Careem, Vice President - Solutions Architecture at WSO2. Join us as they discuss consent management, the process of involving patients and users in deciding which pieces of data can be shared or exposed between applications and for what duration. Mifan sees consent management as playing a big role in the future of healthcare security.

In the second part of this special two part episode with the FDA's Suzanne Schwartz and Kevin Fu, the discussion turns to the increasingly prevalent topic of ransomware.

In part one of this two-part special episode, Mike welcomes Suzanne Schwartz, Director of the Office of Strategic Partnerships and Technology Innovation (OST) at FDA's Center for Devices & Radiological Health (CDRH) and Kevin Fu, Acting Director of Medical Device Cybersecurity at FDA's Center for Devices and Radiological Health (CDRH) and Program Director for Cybersecurity. Join us as they talk about the FDA'S journey to designing cybersecurity standards for medical devices including establishing pre and post-market policy, threat modeling and SBOMs (Software Bill of Materials).

In this episode, Mike welcomes recovering hacker Alissa Knight and HL7 Standards Architect and member for the FHIR Management Group, John Moehrke. Join us as they discuss Fast Healthcare Interoperability Resources (FHIR), a standard that defines how healthcare information is exchanged between computer systems. John and Alissa both acknowledge the challenges of maintaining a standard where implementations vary greatly.

In this episode Mike welcomes Esmond Kane, CISO of Steward Health. Join us as they discuss the risks accompanying advances in technology allowing doctors to treat patients remotely. As a CISO Esmond knows these risks can't be eliminated entirely, but they must be managed.

Mike is joined by Mike Nelson VP of IoT Security at DigiCert. Join us as they talk about how COVID has accelerated the need for hospitals to secure connected devices not only within the hospital but well beyond it.

The news of large-scale attacks at Colonial Pipeline and Scripps Healthcare has brought ransomware back into the news. With lines for gas on the east coast, and Scripps' medical personnel having to resort to using paper records to track patient interaction, Mike welcomed back noted security researcher and lecturer at Boston University, Kai Bernardini to discuss the alarming trend of ransomware gangs pooling their resources to offer ransomware as a service and the present and future directions of ransomware.

Mike welcomes Indiana University Health CISO, Mitch Parker. Join us as they discuss the importance of getting businesses to talk and think about cybersecurity not as an afterthought, but as a part of the business that is not overly complicated and draconian. How can the security team and business leaders work together to ensure best practices and to avoid costly breaches?

Mike talks to the authors of the book, Practical IoT Hacking Fotios Chantzis, and Beau Woods. Woods and Chantzis share their thoughts behind creating a safe and lawful guide to the ins and outs of hacking medical IoT devices covering everything from the software layer to the hardware layer and everything in between.

Recovering hacker extraordinaire and content creator Alissa Knight is a disruptor. Her videos and white papers from the perspective of an adversary exist to assist companies in determining the efficacy of their products. Join us as she talks about mobile app security, FHIR, and what it means to be a hacker.

Healthcare security veteran Bill Pelletier has seen the industry from all sides. In this episode he shares his thoughts on what 2021 may look like for security vendors and CISOs alike.

Dig into the trends, topics and top risks facing the healthcare security sector with the Scope Security team.

The Scope team reviews the year in healthcare security. And it was a doozy.

Government security industry veteran Dean Smith talks with Mike Murray about securing EHRs and the challenges of interoperability across health systems.

Mike talks with Cisco cybersecurity specialist (and avid gamer) Carolina Terrazas about how she helps CISOs prioritize their security spend using game theory

The complexities of medical device security will only get more so, with the evolution of at-home healthcare, telemedicine and device IoT. In this episode, Mike Murray talks to Mike Nelson, VP of IoT Security at DigiCert about how security vendors and HDOs can rise to the challenge together.

In the wake of a number of devastating ransomware attacks against hospitals, our experienced threat hunters discuss why ransomware is on the rise, and how health systems can protect themselves.

The former CISO of CarePoint Health and industry veteran Frank Attilio shares a few tales from the trenches and his thoughts on 'getting back to the basics' of healthcare security

Security researcher, lecturer and threat hunter Kai Bernandini shares his take on the state of ransomware in healthcare and where it's headed, and geeks out with Mike on cryptography. PLUS: Our perspective on stopping a ransomware attack long before it can start.

Managing security in a healthcare environment during COVID-19 is not for the faint of heart. Steward Health Care CISO Esmond Kane discusses the impacts and opportunities of managing cybersecurity in a pandemic.

In Scope takes on the tough issues of healthcare cybersecurity though interviews with leading security experts and helpful insights into timely topics. Hosted by security industry leader Mike Murray.