5 Ways to Strengthen the Cyber Conversation with CFOs
Cybersecurity isn’t just a technical conversation anymore; it’s a financial one. In healthcare, the cost of cyber risk is measured not only in terms of breached records or downtime, but also in canceled procedures, delayed reimbursements, and long-term reputational damage. When patient safety and solvency are both at stake, CISOs and CFOs must operate as […]
Lessons from the Frontlines: Navigating a Cybersecurity Crisis During Healthcare Integration
A healthcare CISO faced an unusual situation in an already challenging time. Louis Wright, CISO and Director of IT Security for USA Health in Mobile, Alabama, oversees cybersecurity for a healthcare network that includes major hospitals and more than 70 clinics spread across Mississippi and Alabama, including some that were part of the recently acquired […]
CISO Brief: Cybersecurity Awareness Month 2025
Since the start of 2025, the healthcare sector has continued to experience cyber incidents that have disrupted patient care, exposed millions of records, and reshaped organizational thinking about resilience. Cybersecurity Awareness Month is not just about reminding people of risks; it’s about translating real-world events into actionable lessons. Below is a look back at the […]
Rethinking Your Cybersecurity Budget in Tight Times
For any hospital or health system with a 60%+ percentage of Medicare/Medicaid patients, the upcoming cuts authorized in the Big Beautiful Bill will impact you and your cybersecurity budget. But there are proactive steps you can take to prepare for the reductions coming in 2027. That’s the topic explored in detail in the new Fortified […]
Why Unstructured Data Is a Hidden Risk
When most people think about sensitive data, they picture electronic health records (EHRs), financial databases, or other structured systems. Those are important, but they’re not the whole story. The bigger risk for many organizations — especially in healthcare — sits in unstructured data. Think files, folders, spreadsheets, shared drives, emails, SharePoint, Teams, and cloud storage. […]
CISO Brief: August 2025 Cybersecurity Threat Recap & Fall Outlook
August 2025 underscored a reality for healthcare cybersecurity leaders: AI is an asset and an attack surface. This past month, we witnessed some notable AI realities, including early warning signs of “AI fatigue” as enterprises struggle to realize the promised efficiencies. This month’s themes highlight two sides of the same coin: adversaries weaponizing AI to […]
Leveling Up Healthcare Cybersecurity Teams From “Overwhelmed to Elite”
Many healthcare IT/cyber teams are small and resource-constrained – often on the brink of burnout. They don’t have the headcount of larger organizations, yet they still have the potential to be elite. That’s the topic explored in a new Fortified webinar called “Overwhelmed To Elite: Leveling Up Healthcare Cybersecurity Teams”. The webinar contains helpful tips […]
Why a Risk Assessment is the First Step Toward Cyber Resilience in Healthcare
Knowing where to begin. That’s the biggest challenge most healthcare leaders face when it comes to maturing their cybersecurity programs. From HIPAA requirements to NIST frameworks, the regulations and risks can feel overwhelming. That’s why a risk assessment is often the smartest first step. The Problem to Solve Healthcare organizations are required to conduct periodic […]
August 2025 CISO Brief: Policy, Funding, and the Path Forward
How federal staffing cuts, government restructuring, and Medicaid policy shifts threaten the cybersecurity posture of our healthcare system. In a recent set of Questions for the Record (QFRs), Senator Edward Markey highlighted growing vulnerabilities in the cybersecurity infrastructure supporting the U.S. healthcare system. These questions, submitted to the Senate HELP Committee, signal urgent concern over […]
In Honor of Kevin Mitnick: What Healthcare Must Learn About Social Engineering
This article was developed by Fortified Health Security experts, Don Kelly, Troy Cruzen, and Bob Thurner, drawing from their real-world experience in vCISO management and consulting roles. Kevin Mitnick was once the most wanted hacker in the U.S. and taught us one critical truth: people, not systems, are the easiest way in. On August 6, […]