The Desire to Help and Security

As human beings, we are programmed with a desire to help others in need, but this is one of the reasons that hackers are so successful in infiltrating our networks.

This week the Black Hat Conference takes place, followed by DefCon (in its 25th year); both cover the security landscape and feature plenty of insights into cyberattacks and ways of preventing them. The keynote at DefCon this year is focused on “Making Security Work for Everyone” and features Alex Stamos, the chief security officer for Facebook. Last year I was lucky to be in the room during the Social Engineering Capture the Flag (SECTF) competition at DefCon 24, when the winning participant was on stage.

Each year SECTF participants compete to extract information from a list of target companies over the phone simply by using clever subterfuge and social engineering skills. It was an eye-opening experience to witness the ease with which a complete stranger was able to create a trusting relationship with an employee in the target company and obtain a large amount of information (you can read the details of the competition, targeted companies, and the information contestants were asked to gather online here). 

This approach, leveraging social engineering, is not the end game for cyberattacks, but it is increasing in use and even being automated. The use of artificial (or augmented) intelligence (AI) is being explored in many fields, and hacking is no exception. Security companies are using AI to help automate protection, but there is no reason hackers won’t use the same approach to increase the number and sophistication of their attacks.

Security is Everyone’s Responsibility

The intent of the aforementioned competition is to expose risks and educate individuals and employees about them. Investing in education regarding company security fulfills a corporate goal but is a bit like offering health insurance to employees: it gives them value as well. Not only are they better equipped to protect the corporate assets and information, but they are better positioned to protect their own personal assets and finances.

We don’t hear too much in the news regarding the “Nigerian 419 Scam” – but that’s not because it isn’t impacting people. As this chart shows, the scam resulted in the collection of $12.7 billion in 2013 alone.

[Chart image: Dr. Nick article 072517]

We remain under constant attack, with variations of these approaches and other methods like phishing, vishing, and smishing (email-targeted attack, voice-targeted attack, and SMS-targeted attacks, respectively). Security needs to be everyone’s responsibility and has to come from the very top of the organization. It’s the same for any family. In my household, I invest a lot of time explaining these attack vectors and sharing stories of individual and corporate failures and losses that came as a result of poor security. I never miss an opportunity to use examples from all around me to illustrate why security matters and what you can do to achieve it.

The same should be true in any corporate environment: security needs to come from the board and CEO down. It can’t be an edict that applies just to employees while senior leadership is either ignoring or even bypassing the recommendations and training. Companies that have clear security guidelines and equip their employees to deal with potential attacks perform better and have lower risks of being breached. 

Incremental Improvements for Employees in Managing Security

The recent WannaCry ransomware outbreak, closely followed by the Petya outbreak that swept around the world and crippled many companies and services, offered a window into potential future challenges and raised awareness regarding security. Here are my suggestions for incremental improvements:

  • Make security a top-down primary focus for your organization.
  • Offer training to your employees on security attacks and mitigation.
  • Train and encourage everyone to question information requests so they can make good decisions.
  • Make learning about security fun and practical.
  • Help everyone understand the value of information in the context of security.
  • Consider developing simple security protocols that are easy to learn and follow.
  • Test your security.

Do you have any other suggestions? What small change have you seen that makes a big difference when it comes to improving security in your organization, and in healthcare in general? What one thing could we do that would have a big impact in this area?

Please don’t hesitate to contact me with suggestions.
