UHS fends off 7M cyber threats daily

King of Prussia, Pa.-based Universal Health Services defends against cyber threats with the intensity of the world-champion Philadelphia Eagles and the specialization of Navy SEALs, a leader told Becker’s.

The 29-hospital system receives 7 million hacking attempts a day, with a team of 50-plus cybersecurity staffers and a bevy of technology programs warding them off, said Chief Information Security Officer Kim Sassaman.

Mr. Sassaman compared his staffers to the Philadelphia Eagles, who recently won a Super Bowl over the Kansas City Chiefs, an offensive juggernaut, with the help of a stifling defense: “A football team has core competencies: safety, defensive line, linebacker. They have to know their plays, but they also have to be agile and limber enough to think on their feet as things change. If things aren’t going as planned, how do we shift and pivot? I’m just blessed to have one of the most amazing teams I’ve ever gotten to lead.”

Mr. Sassaman was recently recognized for his leadership when he was named to executive community CISOs Connect’s 2025 C100 for the country’s top cybersecurity influencers.

His reports include a former CISO, and he recruits from defense agencies and contractors. He talked about his approach to constructing his staff: “Do you need an army or do you need the Navy SEALs? I’d rather build teams that are the Navy SEALs: highly specialized, a few of us who get a lot of things done leveraging great technology. I truly can appreciate companies that may want that 100-, 200-person digital army, but for us, we’d rather utilize those resources for patient care or driving the bottom line.”

Mr. Sassaman also sets a high bar for talent. “When I’m looking for an architect, I am looking for that Albert Einstein, right? I’m looking for somebody who technically gets their space, is brilliant, can turn the impossible possible, can see around the corners, can iterate through the possible,” he said. “And for my leaders, it’s all about those soft skills. It’s making sure I’m bringing somebody in who can bring people on board, who can keep people in the boat, who can motivate others to see beyond themselves.”

Healthcare is the most targeted industry by hackers, and it is only getting more challenging for cybersecurity leaders, Mr. Sassaman said: “Just like any warfare-type scenario, when things get quiet, it usually means somebody’s gone under. The tactics have changed.”

With AI being used by both hackers and cybersecurity teams, Mr. Sassaman said nowadays it’s “truly becoming bot vs. bot.”

“Who has the better robot? The bad guys or us?” he said. “That’s where our investments go, and that’s what we expect of our vendors. We need to see them innovate as fast as the bad guys. It’s a digital arms race, it truly is.”

Large language models like ChatGPT are also making phishing attempts more convincing. “Spelling errors in emails are a thing of the past,” Mr. Sassaman said.

At the same time, cybercriminals are taking their techniques back to the ’80s and ’90s with social engineering schemes where they call help desks attempting to reset users’ multifactor authentications or passwords. Some hackers are even phishing through the Post Office via snail mail.

UHS tries to make its technology platforms as fail-safe as possible, with Mr. Sassaman comparing it to all the safety features in new cars these days: “Even if somebody falls for that phish and clicks on it, enough automations kick in to inoculate what could happen next.”

But Mr. Sassaman and his fellow leaders also have to acknowledge the serious consequences of a healthcare cyberattack. “It might sound a little rough and tough, but we’re dealing with issues that could impact patient safety,” he said. “If a provider makes enough mistakes, they’re looking to do something different in life. Misusing technology could be equated to misusing a scalpel or something like that.”
