John Riggi

National Advisor for Cybersecurity and Risk, American Hospital Association

John Riggi, a highly decorated 28-year veteran of the FBI, serves as the first national advisor for cybersecurity and risk for the American Hospital Association (AHA) and its 5,000-plus member hospitals. To assist with related policy and advocacy issues at the AHA, John leverages his distinctive experience at the FBI and CIA in the investigation and disruption of cyberthreats, international organized crime and terrorist organizations. His trusted access to hospital leadership and government agencies enhances his national perspective and ability to provide uniquely informed risk advisory services. John’s national perspective is further informed by his direct role in assisting hundreds of hospitals and health systems that have been victimized by ransomware.

On behalf of the AHA, John was a leading cybersecurity voice representing the nation’s hospitals and health systems during the 2024 Change Healthcare cyberattack, including testimony before Congress in April 2024. In 2023, he helped initiate and lead the joint U.S. Department of Health and Human Services (HHS)/Healthcare and Public Health sector hospital cyber resiliency report, which led to the development of the voluntary HHS Cybersecurity Performance Goals.

John represented the nation's hospitals in testimony before the Senate Homeland Security Committee hearing on cyberthreats to hospitals in December 2020. This assisted in the passage of PL 116-321, providing regulatory relief for HIPAA-covered victims of cyberattacks. In 2021, John’s prominent advocacy encouraged the government to raise the investigative priority level of ransomware attacks to equal that of terrorist attacks.

Additionally, John initiated and co-led a national health care sector task group to develop resources to assist the field in managing cyber risk as an enterprise risk issue. He also launched a national campaign with the AHA and government agencies to help members protect medical research against foreign threats.

In various leadership roles at the FBI, John served as a representative to the White House Cyber Response Group, as a senior representative to the CIA, and as the national operations manager for terrorist financing investigations. He also led counterintelligence field surveillance programs in Washington, D.C., and financial crimes and terrorist financing squads in New York City. John ultimately rose to the ranks of the Senior Executive Service, and in that capacity, led the FBI Cyber Division national program to develop mission-critical partnerships with the health care and other critical infrastructure sectors. He held a national strategic role in investigating the largest cyberattacks targeting health care and other sectors.

John also served on the NY FBI SWAT Team for eight years. He is the recipient of the FBI Director’s Award for Special Achievement in Counterterrorism and the CIA’s George H.W. Bush Award for Excellence in Counterterrorism, the CIA’s highest award in this category. John presents extensively on cybersecurity and risk topics and is frequently interviewed by the media.

Articles

Cybersecurity, AHA Center for Health Innovation

Third-Party Cyber Risk Impacts the Health Care Sector the Most. Here’s How to Prepare.

John Riggi, AHA national advisor for cybersecurity and risk, explains why cybercriminals are shifting from directly targeting hospitals to hitting the third-party technology and service providers critical to supporting hospitals’ clinical care. He highlights four key strategies to help hospitals and health systems strengthen their third-party risk management program against the debilitating effects of the next, inevitable Change Healthcare-like cyberattack.

Cybersecurity, AHA Center for Health Innovation

4 Key Ways to Prepare for, Prevent and Respond to High-impact Cyberattacks

What can your hospital or health system do to proactively prepare for a cyberattack with plans to maintain both business and clinical continuity? Gain insights gleaned from a recent AHA webinar with four health care leader panelists and John Riggi, national advisor for cybersecurity and risk for the AHA. Read Riggi’s new AHA Cyber Intel blog article to learn four strategies to effectively prepare for a cyberattack.