When Tom August joined John Muir Health in 2015, the health system lacked a structured approach to cybersecurity. August led the development of a risk-based program that focuses on threats and risks impacting the organization. To gain visibility into the network, August implemented TrapX, a deception technology that acts as an intelligent honeypot. This allowed John Muir Health to quickly identify and address suspicious activity on the network. August advises other CISOs to engage with vendors, be clear on the problems they are trying to solve, and consider innovative solutions from newer players in the market.

CISA Releases Security Advisory on 13 Industrial Control System Threats
The Cybersecurity and Infrastructure Security Agency (CISA) issued thirteen advisories to address vulnerabilities in industrial control systems (ICS), mainly in various Siemens systems and products