Data Security Decoded provides actionable, vendor-agnostic insights to reduce data security risk and improve resilience outcomes. Designed for cybersecurity and IT professionals who want practical insights on preparing for attacks before they happen, so they can respond effectively when they inevitably do. Episodes feature insights from researchers, crafters of public policy, and senior cybersecurity leaders, to help organizations reduce risk and improve resilience. Data Security Decoded provides practical advice, proven strategies, and in-depth discussions on the latest trends and challenges in data security, helping listeners strengthen their organizations' defenses and recovery plans.
All content for Data Security Decoded is the property of Rubrik and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
HIPAA 2.0, Minimum Viable Hospitals, and Strategies for Cyber Resilience within Healthcare
Data Security Decoded
22 minutes
5 months ago
Welcome to the Data Security Decoded podcast, brought to you by Rubrik Zero Labs. In each episode, we discuss cybersecurity with thought leaders and industry experts, getting their take on trends, themes, and how they see data security evolving. This is a must-listen for security and IT leaders looking to better understand trends shaping data security and how they can achieve cyber resilience.
In this episode, our host, Caleb Tolin, is joined by Errol Weiss, Chief Security Officer at Health-ISAC and former cybersecurity leader at Citi and Bank of America. Errol shares his journey from the NSA to building one of the most collaborative threat intelligence networks in healthcare, discussing cyber recovery, the minimum viable hospital model, and why culture and community matter in achieving true resilience.
Errol Weiss has been a driving force in advancing cybersecurity resilience across critical sectors, beginning with his early work at the National Security Agency and later leading security programs at Citi and Bank of America. As Chief Security Officer at Health-ISAC, he built a threat operations center from the ground up, delivering original threat intelligence to healthcare organizations that often lack the resources to do it alone. With deep experience across consulting, finance, and healthcare, Errol has become a leading voice in shifting the conversation from protection to recovery, promoting a resilience-first mindset, collaborative intelligence sharing, and a human-centric security culture.
Join Caleb and Errol as they explore what makes healthcare cybersecurity unique, how to embed security into clinical culture, and why building a “human firewall” is just as critical as any technical control in today’s evolving threat landscape.
Episode Highlights:
00:00 - Intro
01:33 - Moving from consulting and finance to healthcare cybersecurity
02:12 - What ISACs are and how Health-ISAC supports threat sharing
04:39 - Building a threat operations center from scratch
06:38 - Collaboration differences between finance and healthcare ISACs
07:24 - Shifting from disaster recovery to cyber recovery and resilience
09:12 - Why HIPAA 2.0 is unlikely to advance and what’s happening instead
11:58 - How policy mandates collide with healthcare’s talent and budget challenges
13:01 - Biking, mental clarity, and leadership outside of work
14:26 - Embedding security into healthcare culture and creating a human firewall
16:43 - The rise of the minimum viable hospital concept
18:20 - Why Errol remains optimistic about AI and the future of cybersecurity
Episode Resources:
Health-ISAC Official Site
National Council of ISACs website
Rubrik Zero Labs website
Caleb Tolin on LinkedIn
Errol Weiss on LinkedIn