Paubox Weekly Fully Automated - A HIPAA compliant email security Podcast
Fully Automated is your weekly rundown of the biggest healthcare cybersecurity stories, delivered in a conversational format by Alex and Jen, two AI hosts who break down breaches, vulnerabilities, and compliance news with clarity, a little dark humor, and always a practical takeaway. Perfect for healthcare IT leaders, administrators, and compliance officers who want to stay informed without wading through the noise.
Paubox Weekly Fully Automated - A HIPAA compliant email security Podcast
Send HIPAA compliant email from the terminal, or your agent
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
You're listening to Pow Box Weekly, fully automated.
SPEAKER_01I'm Jen, cybersecurity analyst, perpetual reader of breach reports.
SPEAKER_00And I'm Alex, healthcare IT guy who still believes we can fix things. Good week?
SPEAKER_01Define good. Microsoft just told us they blocked 8.3 billion phishing emails in Q1 alone.
SPEAKER_00Billion. With a B.
SPEAKER_01With a B. And here's the kicker. QR code phishing went from 7.6 million attempts in January to 18.7 million by March. That's not a trend. That's a structural shift.
SPEAKER_00Because QR codes bypass a lot of traditional email filters.
SPEAKER_01Exactly. The payload isn't in the link text anymore. It's hiding in an image. Your filters see a picture. The user sees, scan this to verify your account.
SPEAKER_00So the takeaway for our listeners train your people.
SPEAKER_01QR codes and emails should be treated like suspicious attachments. If you didn't ask for it, don't scan it.
SPEAKER_00Speaking of trust issues, the ransomware negotiator story. Oh, this one hurts. A negotiator, someone healthcare orgs hired to help them during attacks, was secretly working with the Black Cat gang, maximizing ransoms, taking a cut.
SPEAKER_01$75 million. That's what they extracted. From their own clients.
SPEAKER_00It's a brutal reminder. When you're in crisis mode, you're vulnerable. And the people you bring in, you have to vet them. Due diligence doesn't stop when you're panicking, especially then. Alright, let's shift to something more hopeful. Powbox launched a CLI this week.
SPEAKER_01Command line interface. For sending HIPAA compliant email.
SPEAKER_00Right from the terminal. Or, and this is the interesting part, from an AI agent.
SPEAKER_01So any automated workflow that can invoke a shell command can now send secure email. No human in the loop required.
SPEAKER_00They built it as part of becoming more AI native. It pairs with their MCP server.
SPEAKER_01Install takes 30 seconds. For the devs listening, this is the kind of tool that just removes friction.
SPEAKER_00Which actually connects to something else. Powbox hosted a dinner in Nashville last week. Healthcare IT and security leaders. And friction was a big theme.
SPEAKER_01One quote stuck with me. Some of these security solutions come with the need for a full-time employee just to manage them.
SPEAKER_00That's the math no one talks about. You can buy the tool, but can you actually run it?
SPEAKER_01And another one. Email still feels too reactive, too dependent on users making the right decision.
SPEAKER_00Which is why automation matters. If you're waiting for a human to catch every phishing attempt, you're already behind. The CLI, the archive exports, it's all about reducing that dependency.
SPEAKER_01Speaking of archive exports, Powbox added self-service mail exports to their archiving feature.
SPEAKER_00So admins can now search, select, and download archived messages directly from the dashboard.
SPEAKER_01Compliance reviews, audits, e-discovery, no support ticket, no waiting.
SPEAKER_00For the compliance officers listening, this is the kind of thing that saves you a Wednesday. Maybe even a Thursday. So let's tie this together. We've got billions of phishing attempts. A negotiator who was supposed to help, but was actually helping himself. And healthcare IT teams stretched so thin that tool usability becomes a deal breaker.
SPEAKER_01None of this is bad luck. It's bad configurations, blind spots, misplaced trust.
SPEAKER_00And most of it, fixable.
SPEAKER_01Vet your benders, train your users, automate where you can, and stop assuming the tools you bought are actually being used.
SPEAKER_00That's the week. Thanks for listening.
SPEAKER_01Stay secure out there. Or at least stay patched.
SPEAKER_00We'll see you next time.