Michael K. Giannopoulos

As cyber threats continue to evolve faster than traditional controls can respond, static access policies create blind spots that expose the business to unnecessary risk. As an industry, we are generating lots of data, but few operationalize the signals in a continious manner taking meaningful actions to reduce exposure. Adaptive trust policies represent a strategic shift enabling organizations to move from a reactive, one-size-fits-all approach to a proactive, context-aware security model that continuously aligns access decisions with real-time risk signals. By dynamically adjusting user and system access based on behavioral analytics, device posture, location, and threat intelligence, adaptive trust helps executive leaders: ✔️ Reduce the attack surface without compromising agility ✔️ Automate risk-based decision-making at scale ✔️ Enable dynamic least privilege across hybrid environments ✔️ Strengthen operational resilience and business continuity For CISOs, CIOs, and business leaders driving digital transformation, adaptive trust isn’t just a security enhancement, it’s a business enabler that ensures the right access, at the right time, under the right conditions. This is how modern enterprises stay ahead of risk, by making trust adaptive and actionable. #ExecutiveLeadership #CyberStrategy #AdaptiveTrust #DigitalRisk #ZeroTrust #OperationalResilience #CISO #CIO #BusinessContinuity #BoardLevelSecurity

23

1 Comment

Healthcare doesn't happen only in hospitals anymore.   So how do you architect security and access for an ever-changing industry?   UPMC's Dan Snyder is breaking it down TODAY at Gartner IT Symposium—sharing how they rebuilt connectivity for at-home clinicians and distributed care sites while keeping latency low, security tight, and privacy non-negotiable.   If you're rethinking your infrastructure or any distributed enterprise, this is the session to catch! #GartnerITSymposium #HealthcareIT #SASE #SDWAN #ZeroTrust #DataPrivacy #Telehealth #HealthcareInnovation #VersaNetworks #Cybersecurity #Versa #UPMC #ChannelPartners

25

📣New #bipartisan #legislation introduced in #Congress—the Healthcare Cybersecurity Act—aims to strengthen protection of #patientdata by enhancing collaboration between #HHS and #CISA. As #healthcare remains one of the most targeted sectors, this bill signals a growing recognition of #cybersecurity as critical to #patientsafety and national #resilience. https://lnkd.in/gruS7Krq

21

 Top 5 #Healthcare Headlines Today — What execs need to know:  1- Taiwan and smart hospitals utilizing AI-powered platforms built with NVIDIA partners are revolutionizing care delivery—from robotic surgery to real-time diagnostics. 2 - Catholic Health breach affects 480,000 patients A third-party vendor data leak reminds us: vendor risk management is a cybersecurity must-have. 3 - Ransomware = #1 cause of US health data breaches A Michigan State University study shows that ransomware now drives more breaches than any other factor; long-term care disruption is a real concern. 4 - Workday launches AI agents for HR & finance New tools aim to streamline operations and optimize workforce planning, tasks that are critical as healthcare organizations tighten their budgets. 5 - Regeneron acquires 23andMe assets A strategic move into consumer genetics and personalized medicine—signaling major shifts in pharma’s data play.

9

2 Comments

Healthcare runs on hybrid cloud, SaaS, and third party networks. When visibility stops at the edge, patient care is at risk. AppNeta by Broadcom delivers end to end observability from the clinician and patient perspective, helping IT teams detect degradation before it impacts EHR and telehealth. See how healthcare organizations can move from reactive troubleshooting to proactive assurance. https://lnkd.in/eSj6zPC6

29

𝗪𝗵𝗮𝘁 𝗽𝗲𝗿𝗰𝗲𝗻𝘁𝗮𝗴𝗲 𝗼𝗳 𝗰𝘆𝗯𝗲𝗿𝗮𝘁𝘁𝗮𝗰𝗸𝘀 𝗯𝗲𝗴𝗶𝗻 𝘄𝗶𝘁𝗵 𝗮 𝗽𝗵𝗶𝘀𝗵𝗶𝗻𝗴 𝗲𝗺𝗮𝗶𝗹? The most recent industry research, approximately 𝟵𝟬% of cyberattacks begin with a phishing email. 📊 Key Statistics: - Verizon’s 2023 Data Breach Investigations Report (DBIR) found that 74% of breaches involved the human element, with phishing and pretexting among the top attack vectors. - CISA (Cybersecurity & Infrastructure Security Agency) and FBI report that phishing remains the most common method for gaining initial access in ransomware and APT (advanced persistent threat) campaigns. - Proofpoint’s 2024 State of the Phish Report indicates that over 90% of successful cyberattacks start with a phishing attempt—especially business email compromise (BEC) and credential harvesting. 🎯 Why It's So Common: - Low cost, high reward: It’s easier to trick a human than hack a firewall. - Credential theft: Phishing often targets usernames, passwords, and MFA bypass tokens. - Malware delivery: Emails serve as entry points for ransomware, spyware, or remote access tools (RATs). - Impersonation tactics: Phishing emails now use AI tools to mimic tone, style, and urgency. 🔐 How to Defend Against It: - Employee training: Regular simulations and awareness programs. - Email filtering: Advanced anti-phishing and spoof detection systems. - MFA and zero trust: Limit damage from compromised credentials. - DMARC/DKIM/SPF: Email authentication standards to prevent spoofing.

15

2 Comments

🎙️ SEASON SIX FINALE ALERT 🎙️ AI is the greatest gift to cybercriminals since the password "Password123" And if you think your healthcare organization is ready for what's coming next... you're not paying attention. This week on Straight Outta Health IT, we're closing out Season Six with a conversation that will make every CISO, CIO, and CEO lose sleep (in the best way possible). I sat down with Uday Ali Pabrai, CEO of ecfirst, to unpack the brutal truth about AI in healthcare cybersecurity. Here's what's real: 🔴 AI isn't just making us better, it's making THEM better. Ransomware crews are using AI to launch faster, smarter, more personalized attacks. Your patch management gaps? They already know. Your third-party vendors? Backdoors waiting to happen. 🔴 Compliance isn't protection. HIPAA checkboxes won't save you when attackers are leveraging AI to exploit your cloud infrastructure, medical devices, and your own people at unprecedented scale. 🔴 The cost isn't just downtime. Class-action lawsuits. Regulatory settlements. Multi-year corrective action plans. The financial and reputational exposure is existential, and growing. But here's the opportunity buried in the chaos: ✅ AI doesn't have to be your liability. With the right governance rooted in NIST AI RMF, HITRUST, and enterprise-wide resilience strategy it can become your competitive advantage. ✅ AI literacy isn't optional anymore. From the boardroom to the bedside, your workforce is your first line of defense. ✅ This is a leadership moment. Not just IT. Not just security. Enterprise strategy. Ali doesn't sugarcoat it. He brings frameworks, real-world lessons from breaches, and a roadmap for turning AI from an attack surface into a resilience engine. This is the conversation healthcare leaders NEED to have in 2025. 🎧 Listen now. Share widely. And buckle up, because Season Seven is gonna hit different! YouTube: https://lnkd.in/eesZWBQw Apple: https://lnkd.in/enN9UGBY Spotify: https://lnkd.in/emgf-cHB Or your favorite podcast platform! Straight Outta Health IT: Unfiltered. Unapologetic. Unmissable. #HealthIT #Cybersecurity #AIinHealthcare #HealthcareLeadership #HIMSS #DigitalHealth #HealthEquity #StraightOuttaHealthIT #SeasonFinale #AIGovernance #CISO #HealthcareInnovation HIMSSHIMSS Georgia Chapter NAHSE National NAHSE Atlanta Chapter BuzzFeed Swaay.Health Marketing Community WellLink Health Alliance WellLink Health Alliance WellLink Health Alliance AGE-WELL Outcomes Rocket HealthIMPACT Live Health Data Management CHIME Bamberg Health Georgia Life Sciences Georgia Life Sciences Gozio

16

Proud to announce UPMC Enterprises’ investment in Penguin Ai, a company using secure, scalable AI to reduce administrative burden in health care.    Led by industry veteran Fawad Butt, Penguin Ai combines deep expertise with a patient-first mindset to deliver real-world solutions that prioritize innovation and data security.    AI has long been a strategic focus at UPMC, we build and back companies with bold ideas and scalable impact. This investment reflects our commitment to advancing safe, transformative tech for health care. https://lnkd.in/gKYgbzXk

98

3 Comments

If your MSSP ACO isn’t proactively preparing for 2025 eCQM reporting, you risk quality scores—and shared savings. Dive into our guide for step-by-step strategies, breaking down how to consolidate data from multiple EHRs, identify quality gaps, generate compliant QRDA-III & JSON files, and so much more. Learn what’s at stake and how to succeed with these six simple steps: https://okt.to/bjnAPs #eCQM #MSSP #ACOs #QualityReporting #ClinicalData

24

Cyber risk doesn’t stop at your firewall. More than 276 million healthcare records were exposed last year—many through third-party vendors. Now, CISA’s new Supplier Response Web Tool is helping health IT teams ask the right questions before signing software contracts. This free tool breaks complex policy into customizable, exportable checklists you can actually use in vendor evaluations. If your team touches procurement, compliance, or risk management this one’s worth a look: 🔗 https://bit.ly/4gi8bn8 #HealthIT #CyberSecurity #DigitalHealth

12

Today, Mass General Brigham introduced AIwithCare, a new AI company spun out of our system to accelerate clinical trial screening and patient enrollment.   At its core is RECTIFIER, a Retrieval-Augmented Generation (RAG) AI platform built by Digital, Personalized Medicine, Accelerator for Clinical Transformation, and Innovation teams at MGB. In recent studies, RECTIFIER significantly outperformed manual review – helping identify eligible patients faster, more accurately, and at lower cost.   This is meaningful progress for patients waiting on new discoveries, and for the clinicians and researchers working to bring them forward. Proud to have our teams be part of this amazing work!   Read the full announcement: https://lnkd.in/es5xbH8P   #AIinHealthcare #DigitalInnovation #ClinicalResearch #MassGeneralBrigham

408

18 Comments