#71: Errol Weiss: From Banking to Healthcare Cybersecurity
We sat down with the Health-ISAC Chief Security Officer to discuss his 25-year career spanning banking, government, and healthcare to identify the biggest cybersecurity threats and trends impacting the healthcare industry in 2025 and beyond.
About Errol Weiss
Errol Weiss is the Health-ISAC Chief Security Officer, has over 25 years of experience in Information Security beginning his career with the National Security Agency. He created and ran Citigroup’s Cyber Intelligence Center and was a Senior Vice President Executive with Bank of America’s Global Information Security team.A Summary of Our Conversation with Errol Weiss
The podcast, hosted by David and Shlomi, features Errol Weiss, Chief Security Officer at Health ISAC, a veteran with over 25 years of experience in information security. Weiss shares insights drawn from his diverse career, including his time at the NSA, Citigroup, and Bank of America, and discusses key lessons, challenges, and strategies in the cybersecurity landscape.Career Foundations and Lessons Learned
Weiss emphasized the importance of carrying forward lessons from earlier stages of his career, noting that many cybersecurity issues from decades ago still affect organizations today. He highlighted the need for organizational leadership and technical training, especially in a relatively young profession like cybersecurity. During his tenure at the NSA, Weiss participated in leadership training programs, which underscored the importance of motivating diverse teams, fostering innovation, and challenging the “echo chamber” effect. Diverse perspectives, he argued, are critical for creating effective solutions and strategies.
Unique Challenges in Healthcare Cybersecurity
Weiss described the unique challenges faced by healthcare organizations compared to financial services. Healthcare systems often manage complex infrastructures, including modern cloud-based systems, legacy devices (like MRI machines with outdated operating systems), and diverse medical device ecosystems. This complexity is compounded by a longstanding underinvestment in cybersecurity, with resources historically allocated toward privacy and compliance (e.g., HIPAA regulations) rather than robust security measures.
He stressed that underfunding and a lack of dedicated Chief Information Security Officers (CISOs) in healthcare make it challenging to protect these environments effectively. However, incidents such as ransomware attacks have driven increased awareness and investment in healthcare cybersecurity over the past decade.
Role of Threat Intelligence
Weiss highlighted the evolution of threat intelligence, emphasizing its critical role in cybersecurity. At Citigroup, he built a global cyber intelligence center with a team of 40 professionals providing threat intelligence services. He outlined two aspects of threat intelligence:
1.Tactical: Organizations must stay updated on current threats, ensuring their networks are prepared for emerging attack methods.
2.Strategic: Mature organizations should align their budgets and resources with long-term threat trends to anticipate and mitigate risks effectively.
Weiss lauded ISACs (Information Sharing and Analysis Centers) as valuable platforms for sharing threat intelligence, best practices, and attack insights. These collaborative networks help organizations of all sizes improve their security postures.
Insights from Financial Services
Drawing comparisons between financial services and healthcare, Weiss noted that financial institutions have historically prioritized cybersecurity, allocating significant resources to mature their programs. This investment has resulted in repeatable, measurable processes that continuously improve security measures. Weiss advised other sectors, including healthcare, to emulate these practices by leveraging ISACs and investing in workforce development and process maturity.
Emerging Threats and the Role of AI
Weiss identified the increasing sophistication of cybercriminals as a major concern. He noted that attackers are relentless in monetizing breaches, often targeting hospitals without regard for the human impact. Recent trends include double extortion tactics, where attackers demand ransoms not only from organizations but also from individuals whose data has been compromised.
Weiss also discussed the transformative role of artificial intelligence (AI) in cybersecurity. While AI democratizes advanced tools for attackers (e.g., creating more effective phishing campaigns and scams), it also presents opportunities for defenders to automate threat detection and response. Weiss stressed the need for vigilance and innovation to stay ahead of these evolving threats.
Advice for Aspiring Cybersecurity Professionals
Weiss offered advice to those seeking to enter or advance in the cybersecurity field:
1.Technical Path: Gain relevant experience by pursuing technical training and certifications. Study job descriptions for entry-level positions and identify skill gaps to address through free or affordable online resources.
2.Non-Technical Path: Explore roles in governance, training, awareness, and third-party risk assessment. Weiss highlighted the importance of diverse skill sets, including backgrounds in non-technical disciplines like policy-making and communication.
3.Leadership Development: Weiss underscored the value of leadership skills in motivating teams, fostering diverse thinking, and driving organizational change.
Final Thoughts on Cybersecurity’s Importance
The podcast concluded with a discussion about the critical role of cybersecurity in ensuring safety and trust across industries. Weiss, David, and Shlomi agreed that cybersecurity is essential for protecting sensitive data, ensuring regulatory compliance, and enabling safe innovation in fields like healthcare and automotive. They emphasized that while cybersecurity is challenging, it is also an area with immense career potential and societal impact.
In summary, Weiss’s insights highlight the importance of collaboration, adaptability, and innovation in addressing the growing challenges of cybersecurity. His experience underscores the need for a balanced approach that integrates technical expertise, strategic foresight, and leadership to safeguard critical infrastructures in a rapidly evolving threat landscape.