A new report from Black Book Research landed with the kind of weight that should stop healthcare IT leaders in their tracks. Issued ahead of HIMSS26 Europe in Copenhagen, it surveyed 284 hospital, health system, and cybersecurity decision-makers across the continent and arrived at a conclusion about hospital cyber resilience across Europe: cyberattacks have shifted from data theft to care disruption. The headline statistic is stark. Only 14% of European hospital cybersecurity buyers are confident their organization can operate safely for 72 hours without core EHR access. That’s not a compliance gap. That’s a patient safety gap. At Shelter Zoom, this report affirms what we’ve been building toward — and it sharpens the urgency for every healthcare organization evaluating their

This week’s Security Squawk drew a line through three unrelated-looking incidents and landed on the right conclusion: your attack surface is no longer just your company. It’s your software vendors, your clearinghouses, your package repositories, and your suppliers. We’d push the point one step further. If even the most security-mature organizations on earth are getting breached through their dependencies, then prevention has a ceiling, and pretending otherwise is the actual risk. The strategy that survives the next headline doesn’t ask how to keep every vendor perfectly secure. It asks a colder question: when a partner fails, and one will, what survives it? That’s the lens we build for. Two short takes on this week’s stories, and what each one says