On the October 26, 2023 episode of Shot of Cyber, Gilad and Simon host Errol Weiss, Chief Security Officer at Health ISAC. We discuss the genesis of information sharing in the industry and what makes or breaks such a key component of collective defense. Errol’s experience is truly unique in this space and he helps us navigate the recent wave of attacks on the health sector with a cool mind and some valuable hindsight.
Access the podcast at Shot of Cyber’s website
https://shotofcyber.podbean.com/e/errol-weiss/
When asked about the history of Information Sharing and Analysis Centers, Errol responded:
ISACs were formed to encourage the private sector to share when it came to threats, vulnerabilities and incidents, similar to the Neighborhood Watch program, [where neighbors tell each other if they see any suspicious activity.]
To expound on information sharing for beginner, Errol mentioned the recently updated Health-ISAC white paper, Information Sharing Best Practices, and some tips inside the paper:
- – Addresses challenges to beginning the sharing process, such as how to get your boss and lawyers to agree to information sharing
- – Invite people from your legal department to a tabletop exercise – this shows them what happens during a cyberattack and demonstrates how sharing threat and vulnerability information is extremely beneficial before, during and after an attack.
- – Covers developing trust for information sharing and attending activities to make local connections
- – A useful paper for all sectors, not just Health