This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.
Hey everyone, I'm Drex and. This is the 2 Minute Drill, where I cover three hot security stories twice a week. All part of the 2 29 Cyber and Risk community here at this week. Health. Today's two minute drill is brought to you by Interprise Health, A health catalyst company. You know, 2024 really highlighted the risk of supply chain breaches and insider threats.
Make 2025 the year to adopt a holistic approach to cybersecurity risk management with Blueprint Protect. Check it out@Interprisehealth.com. Thanks for joining me today. Here's some stuff you might want to know about. A new report from Forrester says that 2025 will begin a new era of accountability for CISOs.
Boards want to see a solid return on cyber investments, and that can be tough to do given hard ROI numbers. Can be challenging for some cyber investments. Overall budgets are predicted to grow over the next several years. The most successful CISOs are tying investments to outcomes with a clear connection to the mission or reducing tech stack sprawl.
And improving compliance, and that last one's a focus for us in healthcare with more regulations at the state level and pending HIPAA security rule expansion. If you'd like to share some of your ideas on how you work with the board to better connect on security portfolio investments, I'd love to hear about the plan.
Drop me a note. I'm Drex at ThisWeekHealth. com. With just a few days left in office, the White House has launched the U. S. Cyber Trust Mark. It's a voluntary labeling program that alerts buyers about the security of interconnected smart devices. The hope is it'll incentivize manufacturers to build more secure devices from the start, since many of those devices are used by cyber thugs to attack health care.
and other organizations regularly. The White House is also working on an executive order to limit federal purchasing of connected products to those who meet the cyber trust mark minimum standard. When a health system is victimized by a cyber attack, one of the first things that seems to happen is that a class action lawsuit is filed against the organization.
Well, it's just been announced that Tampa General Hospital will settle a class action lawsuit stemming from its 2023 data breach for 6. 8 million dollars. There were about 2 million people who had data compromised as part of that breach. There's more on that story, all these stories, and a lot of others at thisweekhealth.
com slash news. Today's two minute drill was brought to you by Interprise Health, a health catalyst company. Interprise's blueprint centralizes privacy, security, and third party risk management on a single scalable platform, helping you to identify, prioritize, and address risk across your healthcare system.
Check it out at InterpriseHealth. com. That's it for today's two minute drill. Thanks for being here. Stay a little paranoid, and I'll see you around campus.