UnHack with Drex DeFord

The window between vulnerability discovery and exploitation has collapsed — from 63 days in 2018 to negative. Now AI is changing the game entirely. Drex walks through how Anthropic's unreleased model Mythos autonomously found a critical zero-day in the Ghost CMS, wrote its own exploit, and extracted sensitive credentials in under two hours — all without a CVE ever existing. Add in two accidental Anthropic data leaks in the same week, and the story gets more complicated. For healthcare organizations, the takeaway is urgent: your patch program was built for a world that no longer exists. Continuous vulnerability discovery, identity security, network segmentation, and board-level conversations about AI-powered attack speed aren't future priorities — they're today's baseline.
Remember, Stay a Little Paranoid
X: This Week Health
LinkedIn: This Week Health
Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

April 8, 2026: Frank Duff, Chief Innovation Officer at Tidal Cyber, and one of the original architects of the Mitre ATT&CK framework, joins Drex DeFord on UnHack to expose an uncomfortable truth: most organizations are sitting on powerful security tools they've never fully turned on. Drawing from 18 years at Mitre and deep experience running ATT&CK evaluations, Frank explains how Tidal Cyber bridges the gap between what vendors build and what customers actually deploy. Squeezing more out of the tools you already own may be the most important security move you can make.
Key Points:
04:03 Honest Broker Gap
09:27 Risk Over Green Matrix
12:02 Wrap Up and Contact

Keep up to date on the latest in health IT:
https://thisweekhealth.com/news/
X: This Week Health
LinkedIn: This Week Health
Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

April 6, 2026: The rules of warfare have changed, and health systems are caught in the middle. On this episode of Newsday, Sarah Richardson and Drex DeFord break down two stories that should be on every healthcare leader's radar: the IRGC's declaration that major tech companies are now legitimate combatants, and what the Stryker attack reveals about the fragility of the healthcare supply chain. From cloud co-location risk to vendor contract language, this conversation reframes what resilience planning actually demands in 2026. Stay a little paranoid.
Key Points:
02:04 Iran Targets Tech Giants
08:52 Resilience and Supply Chain
12:27 CISO Storytelling and Contracts
17:10 Cyber Reality and Wrap Up

Keep up to date on the latest in health IT:
https://thisweekhealth.com/news/
X: This Week Health
LinkedIn: This Week Health
Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

April 1, 2026: James Winebrenner, CEO of Elisity, joins Drex DeFord to unpack one of healthcare cybersecurity's most persistent challenges, the sprawling, unseen attack surface hiding inside hospital networks. From unmanaged clinical devices to IoT systems running alongside regulated medical equipment, James breaks down how Elisity helps health systems move from visibility to control without re-engineering their networks. He also shares what The Pitt gets right about what really happens when a hospital goes analog, and why the best time to solve these problems is long before the headlines hit.
Key Points:
01:58 HIMSS Buzz and Customer Voices
08:16 Ransomware Goes Hollywood
10:39 RSA Plans and Wrap Up

X: This Week Health
LinkedIn: This Week Health
Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

Drex makes the case for a role that doesn't exist yet but probably should: VP of Non-Human Resources. As AI agents multiply across health system environments, often deployed by vendors without oversight, the management infrastructure simply isn't keeping up. Agents have access, make judgment calls, and operate inside frameworks that affect patients and business operations, yet most have no job description, no onboarding, and no performance review. Drawing on signals from Harvard Business Review, Deloitte, Gartner, and Microsoft, Drex argues healthcare is quietly building a second workforce with none of the governance structures it took decades to build for the first one.

Remember, Stay a Little Paranoid

X: This Week Health
LinkedIn: This Week Health
Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer