Health Stealth Radio: How the Iran War Has Expanded CyberSecurity Attack Surfaces

This episode of Health Stealth Radio explores the expanding cyberattack surface in healthcare due to escalating geopolitical tensions, particularly the ongoing conflict involving Iran. Host Frank Katita welcomes back Denise Anderson, a cybersecurity expert and CISO, to discuss how recent hacktivist activities—such as the destructive 'Striker' wiper attack—have shifted the threat landscape beyond traditional DDoS or defacement tactics. Anderson emphasizes that the private sector, particularly ISACs like Health ISAC, is now leading the charge in threat intelligence and response, as government agencies like CISA remain sidelined. She highlights the use of legitimate security tools like Microsoft Intune as attack vectors, underscoring the irony of security tools being weaponized by threat actors. The conversation also delves into the growing crisis of CISO burnout, exacerbated by constant high-stakes incidents, and the global nuances in cybersecurity culture, especially across Asia, where shame-based communication and regulatory differences complicate breach response. Anderson shares Health ISAC’s proactive efforts, including botnet takedowns, international summits, and the SMART initiative to map single points of failure in healthcare infrastructure, such as imaging systems. The episode concludes with a call for greater focus on real security over compliance and a measured approach to emerging technologies like shadow AI. Key takeaways include: (1) Geopolitical conflict is directly expanding cyberattack surfaces, especially in healthcare; (2) CISOs are under unprecedented stress, requiring systemic support for burnout; (3) Security tools like Microsoft Intune can be exploited by attackers, demanding continuous risk assessment; (4) Global cultural and regulatory differences significantly impact breach response strategies; (5) Third-party and supply chain risks remain a top concern, with the SMART project helping map critical vulnerabilities; (6) Overemphasis on compliance distracts from actual security posture; (7) Shadow AI use is growing and must be managed with governance; (8) Proactive collaboration through ISACs is essential when government agencies are unable to lead.