The Front Door Is Wide Open: Healthcare's IAM Wake Up Call | Executive Interview with Mark Ferrari
Why It Matters
Effective IAM and contextual third‑party risk management are essential to prevent breaches that jeopardize patient safety and disrupt critical healthcare operations.
Key Takeaways
- Healthcare IAM failures let attackers walk through front doors.
- Asset inventory and third‑party risk are foundational security priorities.
- Organizations often buy tools without defining IAM policies first.
- Analyst‑driven vendor assessments provide context beyond generic risk scores.
- Incident response speed directly impacts patient safety and operational continuity.
Summary
The interview with Mark Ferrari, Vice President of Advisory Services at Fortified Health Security, spotlights a critical wake‑up call for healthcare cybersecurity. Ferrari emphasizes that identity and access management (IAM) has become the top threat vector, with attackers exploiting compromised credentials to walk through the front door of health systems.
Key insights include the necessity of robust asset inventory, the prevalence of third‑party breaches—estimated at 70‑75 % of disclosed medical record incidents—and the common mistake of purchasing IAM tools before establishing clear policies and controls. Ferrari advocates an analyst‑driven approach that couples technology with business‑side interviews to contextualize vendor risk beyond simple scores.
Notable moments feature Ferrari’s teaching mantra, “cybersecurity is not complicated, but not easy,” his EMT analogy linking emergency response to cyber incident handling, and the statistic that most data leaks stem from third‑party vendors. He also highlights Fortified’s Central Command platform, which integrates advisory services with continuous threat monitoring.
The implications are clear: healthcare organizations must prioritize IAM governance, refine third‑party risk assessments with contextual insight, and accelerate incident‑response capabilities to safeguard patient safety and operational continuity.