Interview with Errol Weiss, Chief Security Officer, Health Information Sharing & Analysis Center (H-ISAC).
Errol has over 25 years of experience in Information Security. He began his career with NSA conducting vulnerability analyses and penetrations of highly classified US Government systems and then spent ten years with consulting firms delivering information security services such as Managed Security Services, Security Product Implementations and Secure Network Designs for Fortune-100 companies.
In 1999, Errol was a key member of the team responsible for the creation, implementation and operation of the Financial Services ISAC. He’s one of the four named inventors on the patent for Trusted and Anonymous Information Sharing.
Errol was with Citigroup from 2006 to 2016 where he created and ran the Cyber Intelligence Center, a global organization that provided actionable intelligence to thousands of end-users across the entire enterprise. From 2016 to 2019, Errol was a Senior Vice President with Bank of America’s Global Information Security team where he ran the global Cyber Threat Intelligence team. During his time with Citi and Bank of America, Errol was an active user of FS-ISAC. He served on the FS-ISAC board of directors for six years, was on the FS-ISAC Threat Intelligence Committee for 10 years and volunteered on several industry committees.
Errol has a M.S. in Technical Management from Johns Hopkins University and a B.S. in Computer Engineering from Bucknell University.
In this interview, held a day after the conclusion of the inaugural APAC Health-ISAC Summit held in Singapore, Errol shared his insights on APAC cyber threats and defenses in the health sector.
Highlighting the Health-ISAC Executive Summary Annual Threat Report 2023 “Current and Emerging Healthcare Cyber Threat Landscape”, Errol also noted the evolution of ransomware threat actors and motivations, since the 2016 WannaCry ransomware that hit the U.K. Health sector with significant impacts.
He also shared his perspectives on the changing cybersecurity landscape, including cyber defense postures, the level of awareness at the board level, and regulations such as mandatory breach reporting, over the last decade.
Errol also touched on the increased sophistication of social engineering threats potentially posed by ChatGPT, flagged as a concern at the summit.
Errol wrapped up the interview with a short introduction to Health-ISAC (Information Sharing and Analysis Centre), and the membership scope and services.
Recorded 10am, 24th March 2023, Resort World Sentosa Singapore.
