UnHack with Drex DeFord

January 27, 2026: Jack Kufahl, CISO at Michigan Medicine, and Gregory Garneau, System VP and CISO at Hospital Sisters Health System, join Drex for an unfiltered conversation about building cybersecurity programs that outlast their founders. From hiring curious minds over credentialed experts to ditching traditional vulnerability management for threat-driven exposure strategies, these battle-tested CISOs reveal what actually works in healthcare security. They challenge conventional wisdom on staffing models, vendor relationships, and the real cost of forcing extraordinary people into ordinary roles. If you're tired of the same workforce shortage statistics and ready for actionable strategies, this conversation delivers.
Key Points:
05:09 Creating a World-Class Cybersecurity Team
19:50 Disruptive Startups in Cybersecurity
20:51 Importance of Vendor Partnerships
22:48 Training and Career Development
27:18 Leadership and Management Insights

Golf Tournament Registration: https://carahevents.carahsoft.com/Event/Details/686801-ThisWeekHealth
X: This Week Health
LinkedIn: This Week Health
Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

January 26, 2026: Fresh from J.P. Morgan 2026, the This Week Health team joins Zahid Rathore, Senior Partner at Chartis, to dissect healthcare's new reality. With Epic and Microsoft topping CFO spend lists and unpredictability replacing planning cycles, one thing is clear: vendors must prove bankable ROI immediately or lose the deal. The conversation explores how healthcare leaders are protecting the core while navigating AI agents, third-party risks, and the compression of innovation timelines from three-year returns to prove-it-tomorrow expectations.
Key Points:
02:44 Hotel Experience and Healthcare Lessons
04:13 JP Morgan Conference Highlights
16:35 Operational Challenges in Healthcare
22:11 Security Concerns and Future Outlook

In a stunning betrayal of trust, two cybersecurity professionals—an incident response manager and a ransomware negotiator—pled guilty to operating as affiliates of the AlphaV/BlackCat ransomware gang. Between May and November 2023, they attacked five U.S. companies, including healthcare organizations, while simultaneously working in roles designed to help ransomware victims recover. The FBI's seizure of the gang's infrastructure exposed chat logs and payment records that led to their arrests. Both face up to 20 years in prison, with sentencing scheduled for March 12th. This case highlights the critical importance of vetting third-party incident response providers and understanding insider threats in cybersecurity.
Remember, Stay a Little Paranoid
X: This Week Health
LinkedIn: This Week Health
Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer

January 19, 2026: Bill Russell, Drex DeFord, and Sarah Richardson unpack OpenAI's two major healthcare announcements that could fundamentally reshape how patients interact with their health data—and how health systems govern AI. ChatGPT Health promises to finally deliver on the personal health record dream, letting patients aggregate everything from Apple Health to medical records in one secure place. Meanwhile, ChatGPT for Healthcare gives CIOs the governed sandbox they've been desperate for. Hear why patient data monetization, clinical trial recruitment, and the shift from provider liability to patient empowerment could make this time actually different.
Golf Tournament Registration: https://carahevents.carahsoft.com/Event/Details/686801-ThisWeekHealth
Key Points:
05:00 ChatGPT Health Announcement
17:40 Personalized GPT and Analytics in Healthcare
22:05 Wearable Health Tech and Personal Health Records
25:35 Community Events and LinkedIn Series

As healthcare organizations deploy AI agents across clinical, business, and research operations, we're creating a new class of insider threat—one that works 24/7, follows instructions perfectly, and moves at machine speed. Drexel explores why AI agents with tool access become de facto insiders and why we need clear boundaries, tight access controls, and human approval workflows before these powerful assistants cause unintended damage. The key insight: the moment an AI agent gets tools, it becomes an insider that must be governed like one.
Remember, Stay a Little Paranoid
X: This Week Health
LinkedIn: This Week Health
Donate: Alex’s Lemonade Stand: Foundation for Childhood Cancer