Episode #128. Zero Trust, 7,000 Hospitals, and a Whole Lot of Risk, with Chris Plummer, Senior Cybersecurity Architect at Dartmouth Health
What happens when nearly 7,000 hospitals are left to fend for themselves in the face of rising cyber threats and AI risks?
In this episode, Chris Plummer reconnects with host Ed Gaudet to share cautious optimism about HIPAA rulemaking, highlight the inefficiencies of decentralized cybersecurity across thousands of hospitals, and discuss how mergers can support under-resourced rural facilities. He also explores the rapid growth of generative AI in healthcare, emphasizes the need for responsible AI oversight and vendor accountability, and closes with career advice that prioritizes curiosity, thoughtfulness, and human connection over credentials.
Tune in to hear Chris Plummer break down the real challenges healthcare organizations face and why curiosity and connection might be your most significant assets!
For more information and ways to increase risk awareness and safety, visit us at www.censinet.com.
About Chris Plummer:
Chris Plummer is a senior cybersecurity architect with Dartmouth Health, New Hampshire’s largest private employer and only academic medical system. He has 25 years of experience working for a broad spectrum of organizations, ranging from 90s startup tech ventures born in apartments and basements to multinationals such as IBM and VF to the Department of Defense, where he devoted eleven years of civilian contractor support to the US Navy. Chris now focuses squarely on healthcare, driving improvement in our nation's most important critical infrastructure sector.
Chris is actively engaged with the Federal Health Sector Coordinating Council (HSCC), FBI Infragard, Infragard's Cyber Health Working Group(CHWG), the New Hampshire Cyber Threat Working Group, and the New England Healthcare Information Security Forum (NEHISF). He obtained the CISSP in 2009, when the exams were administered with chisels and stone tablets.
The National Science Foundation, NIST, and national media have solicited Chris as a cybersecurity subject matter expert. Chris spoke at Infosecurity North America 2018 in New York City, headlined by Kevin Mitnick. He has been featured in PCWeek and Modern Healthcare Magazine.
In June 2023, Chris discovered a critical bug in Gmail that permitted cybercriminals to abuse the BIMI specification and authoritatively impersonate some of the largest corporations on Earth. This story gained worldwide media attention and forced a change to Google's authoritative stamp of approval on Gmail messages within days.
Things You’ll Learn:
- Proposed changes from the previous administration are likely off the table, creating uncertainty and driving the healthcare sector to advocate for practical, updated solutions.
- With nearly 7,000 hospitals protecting themselves independently, there’s a critical need for more collaboration, consolidation, and shared resources, especially for small and rural hospitals.
- The number of generative AI web apps has exploded, and without proper tools and oversight, organizations are vulnerable to data leaks and misuse.
- The real concern isn’t clinicians uploading PHI to ChatGPT, but a lack of awareness about what data is being shared and how it might be used downstream.
- Beyond degrees and certifications, the qualities that truly set professionals apart are curiosity, thoughtfulness, and the ability to communicate effectively.
Resources:
- Connect with and follow Chris Plummer on LinkedIn.
- Follow Dartmouth Health on LinkedIn and their website.
Check out Chris Plummer’s previous episode on Risk Never Sleeps here!