1) Cybersecurity incidents are common in healthcare, with 82% of hospitals reporting significant security incidents in the past year. Email remains the primary initial point of compromise, often through phishing. Email frequently contains sensitive patient information. 2) Several large healthcare data breaches in 2018 exposed the data of over 2 million patients total. Ransomware attacks were a factor in some of these breaches. 3) Cybersecurity frameworks provide a common language and methodology for managing risks. Frameworks like HITRUST and NIST CSF are complementary and organizations can leverage elements of both. Proper implementation and board involvement are important.