Cybersecurity in healthcare is no longer just an IT issue. It is a leadership, operations, and trust issue that can disrupt care, expose sensitive data, and test whether an organization is truly prepared for a crisis.

In this episode, Zach Lewis, CIO and CISO at the University of Health Sciences and Pharmacy in St. Louis, shares how AI is changing the cybersecurity landscape and reflects on the real-world ransomware attack that shaped his new book, Locked Up. He explains how threat actors are using AI to accelerate reconnaissance, sharpen phishing attempts, and exploit fundamental weaknesses more quickly, while defenders still need to focus on the basics: identity, access, data protection, patching, and segmentation.

Zach also walks through the moment his organization realized it was facing a LockBit ransomware attack, the decisions that followed, and the hard lessons learned from the response. He discusses why tabletop exercises matter, how security culture must be built through relationships rather than fear, and why data governance is becoming even more urgent in the age of generative AI. The conversation closes with a practical and hopeful look at where AI could create real value in healthcare, from smarter clinical support to more personalized health insights.

Tune in and learn why resilience in healthcare cybersecurity depends on strong fundamentals, transparent leadership, and a clear understanding of how people, data, and technology intersect.

Resources

• Connect with Zach Lewis on LinkedIn here.

• Visit the Homesteading CISO website.

• Get a copy of Locked Up: Cybersecurity Threat Mitigation Lessons from a Real-World LockBit Ransomware Response here.