Guests: Charles Carmakal, CTO at Mandiant  Taylor Lehmann, Director at Office of the CISO, Google Cloud Topics: What are the current “popular” incidents at healthcare providers that you handled? Any of them involve cloud?  Do healthcare CISOs have time for anything other than ransomware? Does insider threat matter? What can incident response teach us here? How do you think the threat actors benefit from the health data they steal?  Based on your IR experience, what are the more interesting ways in, other than phishing? Give us your IR-informed take on ransomware pay/not pay focused on healthcare, ideally?  Resources: “The key role ‘visibility’ plays in healthcare’s cybersecurity resilience” “How healthcare can strengthen its own cybersecurity resilience” “M-Trends 2022: Cyber Security Metrics, Insights and Guidance From the Frontlines” “Future of EDR: Is It Reason-able to Suggest XDR?” (ep29) “MFA fatigue attacks: Users tricked into allowing device access due to overload of push notifications”“VS21: A Playbook for Resiliency: Contain and Remediate Ransomware Before It Can Act” “FDA Announces Fix for Pacemaker Security Flaws”