Your email gateway may be airtight, yet a malicious link can still land on a clinician's calendar and outlive every deleted message. Health-ISAC explains the technique slipping past MFA and what stops it before credentials walk out the door. Source: H-ISAC Flags CalPhishing Threat Exploiting Calendar Auto-Processing to Harvest Login Credentials on healthsystemcio.com - Interviews & Webinars with Health System IT Leaders

You vetted the vendor, but the account you provisioned may outlive the contract. A new Health-ISAC report rethinks third-party access as a governed lifecycle, with one control it calls the strongest move a health system can make. Source: Health-ISAC Lays Out Governance Fixes for Healthcare’s Third-Party Access Risk on healthsystemcio.com - Interviews & Webinars with Health System IT Leaders

Your AI governance committee already debates when a model change should force a re-review. The AMA just took a position, and its audit triggers may become the benchmark vendors and regulators expect. Source: AMA Pushes Evidence and Audit Standards for Clinical AI Tools on healthsystemcio.com - Interviews & Webinars with Health System IT Leaders

Your strongest detection tools may already be a step behind. Gartner says attackers hold the advantage on four AI-era threats most health systems are not yet built to absorb. The reasons may surprise your security team. Source: Gartner: Deepfakes and Prompt Injection are Outpacing Enterprise Cyber Defenses on healthsystemcio.com - Interviews & Webinars with Health System IT Leaders

Think an imaging upgrade means swapping one system for another? At Moffitt, a single breast imaging product that couldn’t scale opened a three-year path to enterprise consolidation — and revealed which problems IT should chase next. Source: Moffitt’s Lindsay-Wood Says Enterprise Imaging Consolidation Started With One Problem That Wouldn’t Scale on healthsystemcio.com - Interviews & Webinars with Health System IT Leaders

Most leaders still treat a cyber outage as an IT problem to be fixed fast. But when the network goes dark, can your clinicians still treat patients for 30 days? Two healthcare leaders reveal who must own the answer. Source: AHA’s Riggi and Joint Commission’s Walders Say Cyber Resilience Needs a Single Accountable Executive on healthsystemcio.com - Interviews & Webinars with Health System IT Leaders

Your cyber policy was built to answer a breach, but an AI agent can cause a loss without one. A new analysis shows where that silence leaves health systems exposed, and what closes it. Source: NYU’s Zhu Says Autonomous AI Exposes a Silent Coverage Gap in Cyber Policies on healthsystemcio.com - Interviews & Webinars with Health System IT Leaders

Most throughput fixes chase length of stay after the fact. Ochsner's Jason Hill bets that front-end access and a real-time Epic prediction matter more. One Cosmos stat changed how he plans every admission. Source: Ochsner’s Hill on Building a Throughput Engine and the Epic Cosmos Stat That Surprised Him on healthsystemcio.com - Interviews & Webinars with Health System IT Leaders

Your staff are not the weakest link, and the metric proving otherwise may be misleading you. New cybersecurity research reveals why training completion rates mask the behavior that actually determines whether your next breach starts with a click. Source: The Human Element Is a Cyber Hard Problem. Here’s What Health System Security Teams Can Take From New Research on healthsystemcio.com - Interviews & Webinars with Health System IT Leaders

Breach reports tell you an attack happened and what it cost. They miss what patients and clinicians endured while systems were down. One researcher found that missing story hiding on Facebook and Reddit. Source: UC San Diego’s Kumar Says Social Media Exposes Ransomware Impact That Breach Reports Miss on healthsystemcio.com - Interviews & Webinars with Health System IT Leaders

Your phishing training covers the obvious attacks. A slower threat is working your research teams through fake job offers on the platforms they trust most. A new federal alert tells security leaders exactly what to watch for. Source: FBI Alert Warns Health Systems of Chinese Espionage Targeting Research and Cleared Staff on healthsystemcio.com - Interviews & Webinars with Health System IT Leaders

Prevention was always the scoreboard for security teams, but AI just rewrote the rules. Gartner says the leaders who pull ahead will modernize identity, measure resilience, and answer four threats where attackers now hold the edge. Source: Gartner: Cyber Leaders Must Treat Identity as Infrastructure as AI Attack Surfaces Multiply on healthsystemcio.com - Interviews & Webinars with Health System IT Leaders

TEFCA breach notification decisions now demand tight CIO-legal coordination, says a healthcare attorney on the Epic, Health Gorilla suit. Source: Healthcare Attorney Oscislawski Says Epic, Health Gorilla Suit Shows Need for Tight IT-Legal Coordination on healthsystemcio.com - Interviews & Webinars with Health System IT Leaders

Rural hospitals have absorbed healthcare’s worst ransomware with the fewest resources. A new federal order changes the calculus, opening a path to AI cyber defenses once reserved for national security systems. Here’s what it could mean for your security team. Source: New AI Executive Order Hands Rural Hospitals a Path to Frontier Cyber Defense Tools on healthsystemcio.com - Interviews & Webinars with Health System IT Leaders

Most security teams assume policy is step one. The harder truth is they cannot govern the AI already running on their networks through shadow tools and quiet vendor upgrades. Four cyber leaders share what they had to see first. Source: Health System Cyber Leaders Warn AI Visibility Must Come Before Governance on healthsystemcio.com - Interviews & Webinars with Health System IT Leaders