This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.

Hey everyone. I'm Drex Sand. This is the two minute drill where I cover some of the hottest security stories in healthcare, all part of the 2 29 project. Cyber and risk community here at this week. Health. Great to see you today. Happy Veterans Day to my fellow vets. Here's some stuff you might wanna know about.

I've talked about the 2015 Cybersecurity Information Sharing Act, the other cisa, and what that law provides to all of us in the form of liability protection, allowing companies to share threat intel with each other and the feds, and the interest of protecting each other. That law gets a temporary extension as part of the current plan to reopen the federal government, which is great, but the extension is only until the end of January.

So we might be right back where we are today, sometime after the new year, which means you should keep your 2 29 project ciso, Intel Pipelines hot and your sharing agreements updated because I'm not sure what will happen next with CISA 2015. Another story that I've talked about is the Oracle E-Business Suite hack.

The ransomware group. Clop has now posted data reportedly from 29 victims to their leak site. It includes Harvard University and Envoy Air and the Washington Post, and a lot of others. And it's the others part of this that I'm worried about because they could be some of your third or fourth party partners.

The open source stories that I've read mentioned companies like Schneider Electric and other unnamed generic companies that do pro services, construction, hvac, and technology, and I can't seem to find like the great master list of those victims. If you see the list, please share it with me. I'm happy to take a look and reshare it if it's valid.

A as you know. A lot of these companies who are victims of these kinds of crimes, uh, do their best to lawyer up and to stay quiet and hopefully fly under the radar. And that lack of transparency is usually bad for all of us. So keep your radar up. If you're a wizard, Google customer, you should know that the US Department of Justice has cleared Google's $32 billion acquisition of Wiz.

Now, there's still some other hurdles, but that was definitely the big one. And asset visibility and exposure management company Armas has raised $435 million in a pre IPO funding round. That kind of funding round makes it clear that the demand for C, everything across IT and OT and IoT and Bio Med should continue to be somewhere near the top of your work list.

More on this story and all the latest healthcare tech and security news at this week, health.com/news. In the comments, I'll put links directly to Spotify and Apple so that you can hit those and sign up for all the shows in the UNH hack channel, including the two minute drill, and of course, smash that like and subscribe button.

That's it for today's two minute drill. Thanks for being here. Stay a little paranoid and I will see you around campus.