This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.

Hey everyone, I'm Drex and . This is the Two Minute Drill, where I cover three hot security stories twice a week, all part of the 229 Cyber and Risk Community here at This Week Health. The Two Minute Drill is brought to you by ORDR. You want to know everything about everything connected to your network, but you don't have the resources to manage what you're seeing?

Bring ORDR to the chaos with ORDR Managed Services. Find out more at ORDR. net slash healthcare. Thanks for joining me today. Here's some stuff you might want to know about. Cyber attacks broke records in 2024 with providers and supply chain partners hit especially hard. So far there's been 677 breaches reported to the HHS breach portal, the wall of shame, affecting more than 182 million people.

And I say so far because 2024 breaches occurring in these last couple of weeks may wind up being reported in 2025 as 2024 breaches. So we won't really have all the final numbers for a while. More on that whole story on our new site. And by the way, on Thursday, I'll be publishing a special Top 24 Breaches of 24.

So keep an eye out for it on LinkedIn. Or message me if you miss it. I'll send it to you directly. I'm Drex at ThisWeekHealth. com. And I heard from some of you over the past few days, Cyberthugs love the long weekend and the holidays, and I hate that at least some of you were on site fighting the good fight.

Thank you for reaching out. Thank you for keeping us safe. I've posted another good story on thisweekhealth. com slash news about managing security threats when most of the team is out of the office. And the final story today, the HIPAA Security Rules Notice of Proposed Rule Making, the NPRM, has been released by HHS.

There's a lot of changes. Just one example, a requirement for greater specificity in conducting a risk analysis, including a written assessment that includes. a review of your full asset inventory and a network map. And seriously, that's just the tip of the iceberg. You can and should review the NPRM and make comments.

You have less than 60 days to do that now. So one more thing for your new year's resolution list, the two minute drills brought to you by ORDR. You know you can depend on ORDR to give you visibility into everything on your network, but now you can also depend on ORDR managed services to help you stay on top of all those things in real time, all the time.

Check out ORDR. net slash healthcare for details. That's it for today's two minute drill. Thanks for being here. Stay a little paranoid. I'll see you around campus.