Healthcare , Industry Specific , Information Sharing

CyberEdBoard Insights: Phil Englert and Errol Weiss

Health-ISAC Experts on Obstacles to Sharing Healthcare Cybersecurity Information
Errol Weiss, CSO, Health-ISAC and CyberEdBoard member, and Phil Englert, vice president, medical device security, Health-ISAC

Transparency is crucial in building cyber resilience, but healthcare organizations are often cautious about sharing critical information, fearing "it will come back to haunt them," said Errol Weiss, CSO at Health-ISAC. While reputational damage, legal issues and potential lawsuits prevent organizations from coming forward in the event of an attack, it is an important step to keep the industry secure from similar attacks. "To beat one of us, they have to beat all of us," said Phil Englert, vice president of medical device security at Health-ISAC.

See Also: A Secure-By-Default Strategy for Driving Your Business Success

The Health Information Sharing and Analysis Center advocates for transparency in sharing information about incidents, including anonymous sharing options to protect organizations. Shifting the focus from protecting assets to delivering patient care during cyberattacks is crucial, Englert said. By prioritizing business risk over legal concerns, healthcare organizations can improve incident response and build resilience.

"The information could potentially resonate with somebody else in this community, and they may have experienced that same event as well," Weiss said. "Organizations could benefit from those learnings. What did they do to mitigate that threat? What did they do to bring the systems up? Where were their priorities, and what other lessons could they benefit from?"

In this video interview with Information Security Media Group at the 2024 Healthcare Cybersecurity Summit, Weiss and Englert also discussed:

  • Roadblocks that slow down incident response and preparedness for healthcare organizations;
  • How the healthcare industry can overcome challenges in information sharing;
  • How the intricate nature of healthcare networks and supply chains relates to effective incident response.

Englert has more than 30 years of technical and operational leadership experience in healthcare and life sciences. Prior to joining H-ISAC, he served as chief product officer for MedSec and was the global leader for medical device cybersecurity at Deloitte.

Weiss has more than 25 years of experience in information security. He began his career with the National Security Agency conducting penetration tests of classified networks, created and ran Citigroup's Cyber Intelligence Center and was a senior vice president executive with Bank of America's Global Information Security team. He is a member of the CyberEdBoard.


CyberEdBoard is ISMG's premier members-only community of senior-most executives and thought leaders in the fields of security, risk, privacy and IT. CyberEdBoard provides executives with a powerful, peer-driven collaborative ecosystem, private meetings and a library of resources to address complex challenges shared by thousands of CISOs and senior security leaders located in 65 different countries worldwide.

Join the Community - CyberEdBoard.io.

Apply for membership


About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.in, you agree to our use of cookies.