CDC, NIH: People, Technology Threaten Patient Data Most
Officials from the CDC and NIH discuss the top cybersecurity priorities as threats and technologies evolve.

Cybersecurity threats are evolving, and in turn, so are the healthcare sector’s efforts to thwart them. Key leaders at GovCIO Media & Research’s Health IT Summit discussed their views of today’s top threats: technology and people.
While each agency faces individual problems, the Center for Disease Control and Prevention (CDC)’s CISO Joe Lewis said ransomware remains a top threat. Lewis said ransomware attacks directly impact patient care.
“Impacts on patient care impact our ability to get data in order to make predictive decisions about how we apply resources to contain disease,” said Lewis. “Ransomware, in particular, has affected a number of high-profile healthcare entities over the last 12 to 18 months.”
Before President Biden’s executive order on artificial intelligence (AI), some agencies were hesitant to allow employees to use AI applications like ChatGPT. Lewis recalled being in meetings about the potential risks and benefits of using AI applications. He said the risk of using AI was something he would willingly accept.
“These new technologies can fundamentally alter how we deliver public health to the nation, and so I would much rather us err on the side of risking to do something than to do nothing,” said Lewis.
Lewis also emphasized that cybersecurity officials shouldn’t be the decision-makers on what technologies are being used. With governance in place, cybersecurity officials should inform employees how to use emerging technology safely, securely and intelligently.
As the technology used by bad actors improves, the workforce needs to follow suit. Jothi Dugar, CISO at the National Institutes of Health (NIH), said her team’s holistic and integrative approach includes focusing on people. Dugar started a cyber safety campaign at the NIH and connected cybersecurity to patient safety.
By putting cybersecurity into familiar terms, Dugar said people were more receptive to cybersecurity practices especially as NIH implements emerging technologies like AI. She said the knowledge employees possess empowers them to report cybersecurity incidents.
“We don’t want [employees] to feel too scared to tell our security folks because something bad is going to happen,” said Dugar. “It’s really important to take a holistic and integrative approach and with ‘people process and technology’ really focusing on the people.”
Lewis added that annual training exercises prepare employees for when a breach happens. By thinking in a ‘when’ mindset rather than ‘if,’ Lewis said policies and procedures are updated creating knowledge management. This allows the CDC to prepare for staff turnover and the future use of emerging technologies.
“My job as a leader is to get the most out of people while they’re there, support them, train them,” said Lewis. “If they leave for bigger and better, [they] leave some piece of institutional knowledge, and we remain resilient in the face of that turnover.”
This is a carousel with manually rotating slides. Use Next and Previous buttons to navigate or jump to a slide with the slide dots
-
DOD Turns to Skills-Based Hiring to Build Next-Gen Cyber Workforce
Mark Gorak discusses DOD’s efforts to build a diverse cyber workforce, including skills-based hiring and partnerships with over 480 schools.
20m listen -
Trump Executive Order Boosts HBCUs Role in Building Federal Tech Workforce
The executive order empowers HBCUs to develop tech talent pipelines and expand access to federal workforce opportunities.
3m read -
DOD Can No Longer Assume Superiority in Digital Warfare, Officials Warn
The DOD must make concerted efforts to address cyber vulnerabilities to maintain the tactical edge, military leaders said at HammerCon 2025.
4m read -
Tracking CIOs in Trump's Second Term
Stay informed on the latest shifts in federal technology leadership as new CIOs are appointed and President Trump's second term takes shape.
6m read -
IHS Prepares to Deploy PATH EHR at Pilot Sites in 2026
IHS targets PATH EHR pilot in 2026, emphasizing governance, collaboration and interoperability as key pillars of the modernization strategy.
4m read -
Inside Oak Ridge National Lab’s Pioneer Approach to AI
Energy Department’s Oak Ridge National Lab transforms AI vulnerabilities into strategic opportunities for national defense.
22m listen -
FEHRM CTO Targets Two-Year Cloud Migration for Federal EHR
Lance Scott touts new EHR tech advancements, including cloud migration, expanded data exchange and AI integration to improve care delivery.
4m read -
DOL Turns to Workforce Development to Maintain AI Superiority
DOL is bridging the AI skills gap through partnerships and upskilling to ensure future AI workforce readiness.
10m watch -
Trump’s Executive Order Spurs Federal Push for AI Literacy
Agencies are ramping up AI literacy efforts across the federal workforce and education systems after Trump's executive order on AI education.
5m read -
VHA’s AI Chief Led NIH’s New AI RFI
The agency's AI chief Gil Alterovitz helped develop a plan that hints at how NIH is charting the future of AI and biomedical research.
5m read -
White House AI Czar Outlines Industry's Role in Global AI Race
White House AI Czar David Sacks detailed the Trump administration's AI priorities and industry's role in growing the nation's AI economy.
3m read -
AWS Summit: Innovation Accelerates IT Delivery at DOD
Marine Corps Community Services is tackling outdated IT processes with agile development and cutting-edge cloud security to deliver mission-critical capabilities faster.
12m watch