Torbjörn Kronander, CEO at Sectra discusses cloud and security. Hope you enjoy.
This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.
Today we have another interview in action from the conferences that just happened down here in Miami and Orlando. My name is bill Russell. I'm a former CIO for a 16 hospital system and creator of this week health instead set of channels dedicated to keeping health it staff current and engaged. We want to thank our show sponsors who are investing in developing the next generation of health leaders, Gordian dynamics, Quill health tau site nuance, Canaan, medical, and current health.
Check them out at this week.health.com/today. Here we go. All right. Today we are doing another interviews and action. , as you know, we did 50 interviews at the chime and Vive conferences, but we didn't get to everybody. We want to talk to. And today we're going to talk to the CEO of Sectra, Torbjörn Kronander. I really appreciate getting the opportunity to sit down with you. We've we've actually talked to some of your clients about your, , imaging solution sectors imaging solutions. And most recently we talked to, , Jamie Nelson with the hospital for special surgery and, , she came on and talked about the digital pathology solution.
That they implemented and a fantastic solution. , today we're going to talk cloud and security. You guys, you guys have a lot of things going on. Tell us a little bit about sector.
Well Secora was from the beginning, a cyber security company stands for secure. We still do that. , for many years, people didn't really understand what we did cybersecurity on the very highest levels with secret and top secret approved in both NATO and EU and Swedish defenses.
Why we did that in the same company, we do medical technology, but now with the increasing threats for medical medical, it, we have a huge synergies between the two of them. We are building cybersecurity team, all our other products.
Two phenomenal things to have knitted together. I think a lot of medical imaging companies, medical device companies are trying to backfill the cyber street.
Part of, of writing the software and the applications, but, but that's really part of your DNA. Talk a little bit about the, the work that you guys do , with NATO and the EU, if you, , what you can share, I guess. Sure.
, when we can quite share quite a lot of how would you look at what would the, we, we provide the EU and the emissaries with the emphasis of the EU and the EU commission.
And including links to a crane right now with encrypted mobile and phones. , these mobile phones that are encrypted and approved on secret level by NATO. So you can talk about really secret information. We build the films entirely ourselves, and we also have remote terminals who have remote internet over them as well, which is important to have that encrypted.
And then we'll talk encrypted that on the military level, not on the ordinary internet level. So.
Wow. So are those, we know you do the imaging in the U S do you, do you do cybersecurity work in the U S as well?
We have some very small sites, but mainly we do in the U S is provide or make sure that we have the same kind of thinking and built into our emissions.
So we, , cyber security is very difficult to pat into system post development. You need to take this into consequence. First thing you do in development. And we already had that in place. So we have built sub security into every single product we sell into the us. Nothing is a hundred percent secure, but we, I would say we are among the most secure I, our medical it vendors over.
Well, as you see the, the attacks on health systems increase, what are some of the things that, that sector it brings to the table to, , give me a peace of mind that that I'm as protected as I, I can be around these, these critical system.
Well, we have, as I said, we built in the architecture from day one.
We will have the cybersecurity architect's view, reviewing everything we did, which is important because as I said before, no chain is stronger than its weakest link and you have to build the team from the beginning. So we were just awarded by a class actually as one of the eight, most cyber secure it, providers of medical it in the us.
And, and, , this is. But you have to build a team from the beginning and we, we take what we know for the matrix, and then we put that into medical RTS. Well,
so talk to me about your, the, you know, the approach. , with regard to your, your, , your imaging system. So it's, , it's only one piece of the puzzle and we have the EHR.
I actually, at my house, we had 900 some odd applications. When, when we're looking at the architecture of these things, it's not really enough to have my imaging system. , to know that my sector system is secure. How, how, how would you talk to CEOs in healthcare, in the U S about securing the entire enterprise?
When it first comes still predicting system. Most attacks today are not on the application level. It's on the operating system. For instance, the Warner cry in the UK that hit the UK a couple of years were more or less took the entire country to grinding health, a hole for healthcare. And that was an attack on a known patching windows that had not been passed by the NHS.
So, , I would consider a lot of making sure that the practice that actually come out or are patched immediately in my environment, I would also very much consider going to the cloud. And then for instance, Asher, , or Microsoft clouds, because. Well, they do, they do patching their own systems with their own patches immediately.
And as I said again, you cannot accelerate kind of vulnerabilities that become known they are patched, but then they are not actually updated in the hospital. So securing the operating system, that's number one, then two factor often say authentication, , which is, you know, all over, but they're often in, not in hospitals, they still have single factor authorization with single password to have secure VPN channels, more and more people want to work.
I work from home. Now, what people forget is a BPM channel is a dangerous thing. You don't know who sits on the other side of the line and that guy might have a. And what you do on a normal VPN on level three pianos IP level, and you open the entire network for someone sitting somewhere else. Now there are the parents of which we have one, , operating the level four.
, so then you can assure you can own the access as service. But not the entire network. You can have different types of deacons as well, but these combines, it's kind of a, you need to umbrella, , having an umbrella view of everything on the entire system that will say patching the operating systems to factory for authorization, and then have a proper beep against it also fee and of course, and secure applications that would take away.
W we really have to know what's going on on our network these days. The, one of the things that changed the way I thought about cybersecurity was when our, our, , internal auditor came in and said, we want you to assume they're already on your network. Okay. Now protect your network. Now protect the data.
Now, protect those things. And that's sort of what you just described. It's we don't know who's on the other end of that VPN. All right. So they're in now, how do we protect.
We have a modern it solution. As we do internally, our company, you need to own your own defense. So you need to assume someone can breach the outer layer, but then there's another.
And then they can be staffed. Then there is another layer, but there's a delay for each bridge of each layer. And the real core things like protecting the inner data structures or, or the ADA, for instance, that's to be very central, inside many layers of security. And that means you can detect inclusion before it reaches the inner port.
So you need to think like an onion building an only, an art of security. That's very important.
That's fantastic. Where's where's imaging going next. Digital pathology seems to be, , be taking off. What are some other areas we see imaging, , growing into in the next couple weeks.
, I think cloud will be an important thing.
Not the least for cyber security reasons. I think archiving on prem will the history, , not immediately, but in the long-term, , I see the imaging systems growing together into one single enterprise systems. It's very, very difficult, , to maintain. 10 different packages. One of the Knology one for pathology, one for, so we see enterprise imaging, the CIO wants one system to maintain also the cyber security reasons.
Then you can make sure that at least it's secure. So a consolidated structure, we have, , most of it in the. In the public cloud, for instance, Azure or Google or Amazon, and then everything in one application and then high level of cyber security protection around it. That's what we see coming.
You know, you are preaching to the choir, as they say the, , at our health system, we had so many imaging solutions, but the, the challenge was.
, technology one, it was a, it was a usability one. The, the oncologists would say, look, our imaging is different than the, the cardiologists would say ours is different. And the radiologist would say, no, ours is different. And they all needed specific features. I mean, how do you, how do you get past.
That's completely true.
So you have one backend system that serves everything, but the front end, they actually, , you know, the, the user interfaces, they will be different. We have a special one for the beatings. So the look at normal x-ray images, they looked on them on a completely different way to measure different things.
And cardiology is also different pathologies, completely different games. It's difficult, different types of images. Now you want all of them to be available, but when you view pathology teams, you want the pathology user interface, but on the same work list on the same system, you can also do like geology and then you'll get to Rachel to use.
So back in it's the same, the front-end varies with specialty.
Yeah. So the back, I mean the backend, essentially, you're, you're looking for security storage, archiving. You're looking for all those features.
All of these can be common. And then the use rent face, especially the viewing of images. The workflow engine can be the same for many ologists, but the viewing component needs to be different.
So talk about your us presence. How, how are you guys growing in the, in the. We are
growing a lot right now, actually our limiting factor right now is delivery capacity, which is a nice problem. , but we're soaking it out. We are growing very much, , and, and the mainly in large networks, It's a little huge consolidation can go wrong.
The U S hospitals buying and they merged thing. And we're very good at that. We can scale from a single work session to a country. All our Northern Ireland is one country. We have it all the one single pack. So you can read all images in the entire country from any workstation. If you're allowed to for cyber security reasons, that means at nighttime, you can have a night shift, super specialized in something special, covering a company.
So that we'll see that scalability is an important thing. Reason while we are growing a lot.
Yeah. Accessing these images really changed during the pandemic. , I mean radiology and cardiology and what I mean, these, these images were often remote. There was remote reads going on, but through the pandemic, we saw that the remote reads really going up, I guess this is, this is the argument for a cloud system.
What we used to hear is no, no, no, no. PACS has to be local. The images are so low. It has to be local. You can't, you can't do it in the cloud, but you're, you're essentially saying no, it almost has to be in the cloud for security reasons and for access
reasons and yes, and also the cost reasons. So you can have a multi-tiered approach.
, look at cyber security. I mean, , the big cloud providers that can guarantee you that this is non writeable me on, you know, right. Ones, media you're writing on that means no one can encrypt your files because they cannot access them. They cannot rewrite them. , that's a cybersecurity, , recent that is those long ways in the cloud, but yes, you can be as fast from the cloud as we can be, , on prem.
And how, how is that? These are very large images. So you have the image being taken locally and then going up to the cloud, is there a significant delay or have we gotten through the latency?
So you actually only look at the data you want to review, like Google maps. You don't have the entire world that the real solution or by one spare meter on your phone. Now, the foam sends up data to the cloud, , to Google who sends exactly that little map you want to see back. And we do exactly the same in pathology.
For instance, that's what you need to do. , but increasingly also radiology in pathology, we've measured the full resolution image. It's the only view to about three, 4% by pathologists. They will need to see full resolution for anything more and you don't have to pass, repeat it because still see everything.
But you don't see the delay. There is similar to how Google maps works.
Fantastic Verbier. And we would, , thank you for your time and thank you for, , , spending some time with us. We're many time zones apart. So it's afternoon for you a morning for me, but I really appreciate, , really appreciate you spending this time.
Thank you very much for
inviting me another great interview. I want to thank everybody who spent time with us at the conferences. It is phenomenal that you shared your wisdom and your experience with the community, and it is greatly appreciated. We also want to thank our channel sponsors who are investing in our mission to develop the next generation of health leaders, Gordian dynamics, Quill health tau site nuance, Canon medical, and current health.
Check them out at this week. health.com/today. Thanks for watching. That's all for now.