August 23, 2021: Drex DeFord and Bill discuss post HIMSS. How did the in-person and digital versions of the event go? In a Chartis Group survey of 220 executives, 52% have not progressed beyond pilot stages for digital integration, 47% cite digital as a top organizational priority and 80% plan to increase their digital investments. The benefits of telehealth have become widely known on Earth but now it’s taking off in space. What is NASA’s game plan for dealing with the challenges that this brings? And the LockBit ransomware gang, who hit Accenture this week, are now recruiting insiders. Scary stuff.
Newsday – Post HIMSS, Telehealth in Space and Digital Transformation Stuck in Auto Pilot
Episode 437: Transcript – August 23, 2021
This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.
[00:00:00] Bill Russell: Today on This Week in Health IT.
[00:00:02] Drex DeFord: Change is hard. The pandemic compelled a lot of us to do things that were not normal and were uncomfortable for us.
[00:00:09] Bill Russell: It’s news day. My name is Bill Russell. I’m a former CIO for a 16 hospital system and creator of This Week in health IT. A channel dedicated to keeping health IT staff current and engaged.
[00:00:25] Special thanks to Sirius Healthcare, Health Lyrics and World Wide Technology who are our [00:00:30] Newsday show sponsors for investing in our mission to develop the next generation of health IT leaders.
[00:00:34] Just a quick note, before we get to our show, we launched a new podcast Today in Health IT. We look at one story every weekday morning and we break it down from a health IT perspective. You can subscribe wherever you listen to podcasts. Apple, Google, Spotify, Stitcher, Overcast. You name it, we’re out there. You can also go to todayinhealthit.com. And now onto today’s show.
[00:00:58] Today it is Newsday and [00:01:00] this is our post HIMSS show. We have some security events as usual, unfortunately, telehealth and space and digital transformation seems to be stuck in autopilot today. We’re joined by the incomparable Drex DeFord. Drex welcome back to the show.
[00:01:15] Drex DeFord: Hey, thanks. It’s always good to be with you. Glad to see you’re doing well. And so we start with HIMSS. Did you go, did you wind up?
[00:01:24] Bill Russell: I did not make it. I, I canceled about a week and [00:01:30] three days before.
[00:01:31] Drex DeFord: We’re about two weeks out and we had sort of our own little staff huddle at CrowdStrike and said we’re going to, there are some events that we have already invested in that we’re going, that we’re sponsoring and we continue to do that, but we won’t attend in person. So we didn’t attend a lot.
[00:01:50] Bill Russell: Yeah. So I got bits and pieces out of it. We’re going to cover the story here. And this is the best coverage possibly get when you have your own media company, which [00:02:00] HIMSS does. They they cover themselves and their CEO said they were thrilled with the numbers. They haven’t released the numbers. They said they had 18,000 registrations just prior to the event. But you know, I, I talked to a couple of people who were there, they said positive things.
[00:02:18] They said the conversations were a lot more focused than they have been in the past. It was a lot easier to find the people you were trying to find if they were at the event but it was sparsely [00:02:30] attended. There’s no getting around it. It was with regards to a HIMSS, a normal 40,000 person event it was much smaller than that onsite but again, a lot of digital presentations. I’ve been looking at them and reading them some good presentations. And I don’t know. What did, what did you hear about the event?
[00:02:51] Drex DeFord: Pretty much the same. I mean, I think I, 18,000 registrations, I dunno some fraction of that attended. I think there were a lot of people who canceled [00:03:00] as they got closer and just attended digital only. Had a lot of friends and a lot of folks that I knew who we had plans to meet up that wound up sending me notes and saying, we’ve changed our mind. If it was anywhere but Vegas we could go a lot of that kind of conversation.
[00:03:18] So I think there were a lot of folks who backed out at the last minute, but I could totally see for the folks who went, you’re not as rushed to rush through this conversation to get to the next conversation. Cause [00:03:30] there’s nobody waiting in line or you take 10 minute appointments and turn them into 30 minute appointments. You’ve got a lot more time to have more in depth conversations. So that was probably good for the folks who who were there and involved in that kind of thing.
[00:03:46] Bill Russell: Let me, let me, let me throw a hypothetical at you. If it had been in Orlando, would that have changed the rubric around this?
[00:03:55] Drex DeFord: Orlando’s is, I mean it’s as red as [00:04:00] Las Vegas around Delta variant, right? So no, probably not Orlando. But if it would have been, I don’t know, I’d have, I’d have to look at the map.
[00:04:11] Bill Russell: It’s been a week since I looked at the map, but Orlando, it would have been better than Vegas because Vegas, there’s no way to control the environment because even though Orlando might be red, the Orlando convention center is a pretty [00:04:30] self-contained. I mean, if you’re doing a conference there, there’s nobody else there. It’s not like they’re doing it
[00:04:33] Drex DeFord: Tied into casinos and other people you’re, on your way to your room and back, you don’t have any choice except to go through crowded rooms with other people
[00:04:43] Bill Russell: As it was, I think you got the, did you see the email where a couple of people did?
[00:04:48] Drex DeFord: Yeah. Yeah. I posted about that this morning on 3XDrex but I got the note and then I’m like, oh no, I hope this isn’t like the beginning of something big, but it’s [00:05:00] three people tested positive that they know of so far. I can tell you, I got lots of videos from the people that I did know that went to the conference.
[00:05:10] I got videos from them regularly every night. Lots of parties without masks and people not social distancing and all of that. So I think there were a lot of people who went and were in the bubble and stayed in the bubble of the conference and went to their room and came back to the bubble that we’re [00:05:30] probably safer.
[00:05:32] But I also think there was probably an illusion of safety because there were also people who were leaving the bubble behaving not great in the evening. And then coming back to the bubble the next day. Everybody’s vaccinated, everybody has masks, but as we see right now, there’s tons of like breakthrough infections that you don’t have symptoms for. Then you get people who aren’t vaccinated in fact did. And it’s just, I don’t know. It’s tough.
[00:05:58] Bill Russell: I mean, [00:06:00] the good news is yeah everybody who went to the event was vaccinated. Right. So they had that process in place and we know that the breakthrough cases is somewhere around 5%. I mean the unvaccinated it’s like 90% of the cases and somewhere in the single digits is the breakthrough cases. So even, even if there was a significant outbreak amongst the people who went to HIMSS it’s still going to be a fairly low number. I’m not minimizing that. I’m just saying [00:06:30] that I think they did everything they possibly could do to make it as safe as they could short of just canceling.
[00:06:36] Drex DeFord: Yeah. Yeah. I think you’re going to have in-person conference. You know, they had is they had a significant number of protocols in place, and then you have to rely on the people who come to to do the right thing after that.
[00:06:49] Bill Russell: How did you follow the conference? I mean, did you follow it at all or did you just go back into your work?
[00:06:53] Drex DeFord: I went pretty much back into my work schedule. There were digital events. [00:07:00] I almost watched everything that I’ve watched so far has been, or during the conference. And then since the conference has been on demand, I don’t think I saw anything alive. And that’s just a schedule dictating things that I want to see.
[00:07:15] And like you said, I think the digital content this is another one of those things that’s happened over the course of the pandemic. Is that in the beginning, things switched to digital and they were all pretty terrible and difficult to use and hard to find the thing that you were looking for and [00:07:30] seeing it consuming it, all of that, and we’ve gotten better and better and better at that over time.
[00:07:35] And I think they did a decent job of presenting the content that they intended to present in the digital format. They did it pretty well. Yeah, absolutely watch stuff live. Or did you just watch ..
[00:07:48] Bill Russell: I watched nothing live. I will. I will say this. I reached out to a bunch of people that were giving presentations. I recorded my first one yesterday and it was around population health and data around the clinically integrated network. [00:08:00] That was a good recording. And that’s how I’m sort of following it. I picked the education presentations that I think would be valuable to the community. And they sent me their deck and I’m having them on the show and I’m interviewing them because that’s great.
[00:08:14] Those presentations are great for best practices and to really get an idea of what’s working. I, I’m a huge proponent of being a fast follower. The first one through the wall tends to get hurt, but the fast followers tend to do [00:08:30] well because somebody has found a gate that’s open and you can just walk through it.
[00:08:33] Drex DeFord: Yeah. The practical part of this, right? The, for the people who go first and get lots of scars. They usually, they have really good stories to tell that, give me the few practical things that I need to use, that I didn’t have to learn by. Like you said, crashing through the wall at top speed and getting all those scars myself.
[00:08:52] Bill Russell: Yep. All right. So let’s hit some of the stuff that was covered in there. So HIMSS did a survey ahead of time. This is the [00:09:00] article title, the digital revolution has begun but 52% of executives have not progressed beyond the pilot stage. All right. So they did a survey. This was presented by let’s see, first person Tom Kiesau who’s a senior partner with the Chartis Group, talked about the findings and he talked to 220 executives on issues, such as digital health machine learning, AI.
[00:09:24] Here’s some of the things that are interesting. Again, 52% of the digital transformation projects [00:09:30] have not progressed beyond pilot stage. And let’s see. But they understand the need for digital transformation. So if they’re not progressing beyond pilot stage, but they understand the need close to half cite digital as a top organizational priority and 80% plan to increase digital investments.
[00:09:50] That’s interesting. Executives question whether making an investment is the best way to begin, but a good warning sign. That more planning is needed. Is that new [00:10:00] technology plus old organization equals costly old organization. Kiesau said most 80% said they believe commercial payments need to grow to support longterm financial health.
[00:10:11] So I want to talk to you about those two things real quick. So the first these projects are getting stuck in pilot. And I th I think that’s pretty interesting. I think it, it is interesting because it doesn’t understand the, what the word pilot means. So isn’t a pilot, like, hey, we have [00:10:30] this theory or we have, it is the scientific method.
[00:10:34] Right? We talk about this thing that we think is going to help our system help our population health quality. Let’s pilot something small, real quick, so we can determine whether it’ll work and then we’ll start to to work it out. Should it be something that’s quick, it’s a test and it provides feedback. Why are these things getting stuck? What do you think is happening?
[00:10:54] Drex DeFord: Yeah, I mean, I think you’re right. Some of this is the just misunderstanding of what a pilot [00:11:00] actually is. Pilots have defined beginnings and defined ends and certain things that you were looking for in the execution of the pilot that helped you make a decision about what you’re going to do next.
[00:11:11] This is why this whole 52% are still stuck in pilot program thing concerns me because If you think about pilots as something that is either a success or a failure, then that’s not really a pilot. That’s some project that you tried to roll out that either worked or didn’t.
[00:11:26] If you think of pilots as a success, or [00:11:30] we learned, that’s really what pilots are and they have a defined end point and then another decision tree about, are we going to do this? Are we going to scale it? Are we going to make an investment? Did this give us enough information to make another set of decisions that we want to make about digital health?
[00:11:46] And so if you’re doing pilots right, they’re not a thing that you start and get stuck with forever and then become an operational technology that people become addicted to. And then you have to run them forever in pilot mode. That’s not a pilot, [00:12:00] that’s just a bad project.
[00:12:02] Bill Russell: Yeah. And we’ve we’ve talked about this with startup companies because they get really frustrated because they need to make money and they need a revenue stream they’re in startup mode and they will they’ll get caught in pilot hell where they’re doing like 10 pilots for different health systems, but they’re not making any money. And then they just get stuck because people lose interest in the pilots. It doesn’t have enough momentum. It doesn’t go through to the end. And they’re like, man, this is just death for [00:12:30] them. It’s just death for a lot of things. How do we change that at health systems? How do we get health systems to understand how to structure a good pilot and how to move it forward?
[00:12:39] Drex DeFord: I think that’s at least part of it, right? Some of this is tied into good governance structure and making sure that if you’re going to do pilots, you’re going to do pilots projects, you do it in a way that is clear to everyone involved, including the primary stakeholders. And they understand that there’s a start and a stop point. Because if [00:13:00] you don’t, then that’s where you wind up in this situation that’s bad for both the health system, bad for IT because now they’ve got to continue to sort of run and support this thing. They didn’t maybe really want to get involved in long-term. And like I said, bad for the startup, especially if it’s a product from an early stage company, they keep making changes and making adjustments to try to make their product better for you and hopes that you’re eventually going to buy it.
[00:13:27] And what they find out is that you’ve actually dragged them [00:13:30] out into the middle of the lake and drowned. Right. That is not what anybody wants cause that’s not good for digital health in general.
[00:13:38] Bill Russell: Yeah, for those people watching on YouTube, you’re going to see that I’m having chair issues. So like a chair is like going up and down. It is what it is. I’m just going to keep going here.
[00:13:46] Drex DeFord: It’s like a Saturday Night Live skit.
[00:13:48] Bill Russell: It really is. I just keep popping it up and going back down but the ending phrase here most. 88%, so 220 executives from health systems said they [00:14:00] believe commercial payments need to grow to support longterm financial health.
[00:14:04] That’s a, that’s interesting to me, cause I think that’s flying in the face of what I believe is going to happen, which is we have such pressure against the growing cost of healthcare across the board that yeah, they’re their health systems need to find another way to be financially healthy. And one of, one of the things I’ve always talked about, and I always wondered is in every other industry that we were in, we’ve seen [00:14:30] technology come in and really drive significant efficiencies cost savings if efficient processes driving better collections, you name it.
[00:14:39] It’s really helped the overall process, but in healthcare it just seems to pile on and build the cost, but doesn’t seem to drive that same level of efficiencies it does in other industries. Has that been your experience or are we starting to see that change a little bit?
[00:14:54] Drex DeFord: I am lucky enough to have been involved over the course of my [00:15:00] career in Toyota lean production systems, sort of thinking at a couple of my organizations and just thinking about performance improvement and process improvement and how much waste there is in the system currently. And a lot of that is driven by bureaucracy and the reality that in many healthcare systems, physicians are not employees. And so we have a tendency to bend and flex and try to accommodate [00:15:30] them, which means that we do things that may not be the most efficient things in the world.
[00:15:34] And that isn’t just from an IT perspective, that includes things like orthopedic fixation sets that we use in the LR. We make lots of exceptions and do lots of things that are inefficient because we want to. The primary producers in our organization happy. And it’s not just that it’s lots of other stuff.
[00:15:56] So the system is kind of built to encourage us to [00:16:00] be inefficient and our tendency, I think growing up in healthcare is to think that our inefficient processes are the best practices in a lot of ways which encourages us to ask for more money, not to look internally at how we do things and see how we could be more efficient.
[00:16:17] I think there’s a lot of efficiencies still to be gained inside of the delivery of healthcare, both on the clinical side and the business side, and even in research. And and I [00:16:30] think we’re going to get the pressure to. To make that internal look happen and to become more efficient, because if we don’t, I think you create the situation where you become the target to be acquired as opposed to being the acquiring organization. So the decision ultimately is yours I think.
[00:16:49] Bill Russell: Yeah, I agree. There’s two more findings in this. Hospital at home seems to be taking root and and growing. And the other is that physicians in general, across the survey [00:17:00] have said they are more willing to stick with the digital tools that they have adopted through the pandemic, post pandemic. And I don’t think that’s surprising to me. Again, it was a massive pilot of a lot of digital tools and the physicians are looking at it going, Hey this worked for me, this didn’t work for me. And I think they’ll incorporate some of those things as they move forward. That seems to be pretty obvious to me.
[00:17:26] Drex DeFord: Yeah, change is hard. And I [00:17:30] think the pandemic compelled a lot of us to do things that were not normal and were uncomfortable for us, but in a short period of time, those things became comfortable. And so again, I’m going to keep using the tools that are working for me, because I really don’t want to change back or I don’t want to do something different. So when you have a compelling event that causes people to change their habits and their behavior, they do it, but then it’s hard to get them to change again. I think that’s part of what you see.
[00:17:59] Bill Russell: [00:18:00] So there’s two things I usually talk to you about whenever you’re on the show, by the way, I’m at my exact low point. So I’m not going to fix my chair. This is as low as I get.
[00:18:08] Drex DeFord: You tip the camera down. Just tip the camera down.
[00:18:10] Bill Russell: Yeah, I’d love to, but it’s too far away from my arm. So two topics I’d like to talk to you about one is. Space because you’re, you’re a space nerd. And the second is cyber events and their spend some of those, but let’s start with the space one, because I think it’s interesting.
[00:18:27] There’s a healthcare finance news [00:18:30] article and they had the, was it Chief Medical Officer at the LBJ space center for NASA was there talking about their program. I think about, so how do you provide health in space? Is it a combination of tele-health and hospital at home, essentially remote patient monitoring and those kinds of things, because you’re not doing like a visit right there.
[00:18:54] They’re not saying, Hey, there’s something wrong we’ll send an ambulance out. So, [00:19:00] yeah. Is that what it is is, is a combination of those technologies?
[00:19:03] Drex DeFord: Yeah. I mean, I think it starts with the, we only send extremely healthy people into space that have been tested end to end upside down and make sure that they don’t have any emerging issues.
[00:19:21] Bill Russell: And then is that still the case with this emerging space tourism?
[00:19:26] Drex DeFord: That’s an interesting point. I think [00:19:30] with space tourism, what you will find is that the duration of those flights are so short that it’s more like if you had a medical emergency and you were in a commercial airplane today they could maybe they can do something like divert the flight.
[00:19:48] I think this article is more about people who go to the international space station and are there for months or over a year at a time. And so I think when it comes to space tourism, once you get to a particular point of flight [00:20:00] duration, there’s probably going to be a lot more conversations about how do you take care of those patients should they need care while they’re in space? It’s a, it’s a different program. I think NASA sends really healthy people to space, and then they have an amazing team on the ground who for years has dealt with, have really sort of built protocols around medical emergencies and all kinds of emergencies.
[00:20:26] And how do you deal with them? The article talks about [00:20:30] you can’t really have an MRI machine on orbit but they use a lot of ultrasound. And so astronauts who have to kind of be experts at everything, right. They have to know how to fix the toilet. They have to know how to run the experiments that they’re running. And for some of them, they actually have to do things like control the robotic arm, or be able to sort of move the space station out of the way of space debris. And one of the pieces of training they get is kind of like little mini EMT. How do you use ultrasound? And then they’re [00:21:00] coached by people from the ground.
[00:21:01] If there’s something going on, move it a little bit more this way, this way. Remember that technique we taught you in training where you move the wand like this. And they’re able to send information back and certainly their lifeboats there, if something really seriously happened seriously bad happen, you needed to get somebody off the ship you could and
[00:21:19] Bill Russell: As we go farther out, they’re going to be taking doctors aren’t they?
[00:21:23] Drex DeFord: Well I think they kind of have to start to think about when we go further out [00:21:30] for longer duration flight, there probably will have to be physicians on board but you know, this is one of those things where we have sub-specialized so much in healthcare that just having a physician on board may not be enough because they may not be experts in the sub system that is having a problem in a fellow astronaut.
[00:21:49] So I think the team approach of having people on the ground who can communicate with you and you know give you all the essentially [00:22:00] telehealth consultation that you can, you can take will be good. At some point, the flights get so distant that there’s a significant delay in that consultation and so doing this stuff in real time may become very difficult and that’ll require us to be innovative and creative and come up with new ways of handling.
[00:22:20] Bill Russell: One of the things I’m looking forward to seeing is how these hospital at home programs play. Because they are, they’re not simple logistical [00:22:30] challenges, they’re pretty complex logistical challenges in terms of getting the technology in the home, identifying the right patients that you can care for from the home having workflows with the right level of care at the right time in the home the right monitoring again, technology, the whole infrastructure and those kinds of things.
[00:22:49] There’s a lot of moving parts in there. And Mayo is out in front, Kaiser’s out in front. And there’s a couple others, I think Mercy out of [00:23:00] St. Louis is out in front. Intermountain’s out in front, but we’re now we’re going to have this group of people that’s the next wave coming through.
[00:23:07] I think there’s an awful lot of logistics and challenges around that that is going to make it a little harder than what I think people think it is. It’s really a combination of a lot of different things we’ve been doing over there so maybe that makes it easier, but we really do have to knit it together pretty well in order for it to work.
[00:23:24] Drex DeFord: Yeah. There’s something to this tied to the sort of previous conversation of the people who [00:23:30] go through the wall. First, take all the scars and all the beatings and the people who come after have a much easier time of it. Not that it’s easy because it’s not going to be easy but the decision tree is greatly reduced right? We’re going to use hospital at home for these kinds of patients only who have these kinds of diseases, because we have these kinds of professionals that can be involved in that kind of care. We’re not going to do hospital to home for 20 things. We’re going to do hospital home for two things. [00:24:00] That gives organizations a chance to sort of build up their experience and their confidence that they can do this well and then they can expand and grow after that.
[00:24:09] Bill Russell: All right. Let’s talk cybersecurity. Not because you’re on both because it keeps coming up in the news. Scripps. So Scripps had to announce their financials. And so they announced the the revenue loss from the event was $113 million and and that was partially lost revenue and partially cost of remediating the cyber [00:24:30] event and those kinds of things they’re going to, they’re going to be able to get some of that money back. But I think the max is about 15 million in insurance, cyber insurance, and other insurance claims. So essentially what you’re looking at is potentially a hundred million dollars out of pocket.
[00:24:46] Does that now become, I just did today’s show where I said, look that I would know these numbers backwards and forwards and Scripps is roughly a $3 billion health system, roughly. I don’t know 16 to 18,000 [00:25:00] employees, roughly 3000 physicians. I would know these numbers backwards and forwards because if I were going to my board asking for money and I would be right now saying, look, if you want to make sure we don’t have a a hundred million dollar event, I need like 10% of that money this year to really shore some things up to make sure that we’re not the one that’s in the news. We’re not taking a 30 day downtime and we’re not taking a hundred billion dollar hit to our bottom line. And we’re not even talking about reputation at this point. We’re just talking dollars.
[00:25:29] Drex DeFord: No, for [00:25:30] sure. I mean things that don’t appear in there are things like you know when you have a big foundation that relies on contributions from donors, what’s that impact been?
[00:25:41] That doesn’t necessarily figure it. And maybe it’s been nothing. Right. But that kind of impact doesn’t figure into some of the figures that you, that you see here. And there’s some math behind this too. Right? We do some really interesting business value analysis products with [00:26:00] prospects and potential clients as we sort of talk through the whole, how do you justify the expense?
[00:26:05] How do you wind up paying for cyber security when sometimes it’s a hard case to make. And so things like taking that 113 million and dividing it by the number of employees that you have in the organization, that number is way higher than the number we use in our business value analysis.
[00:26:23] And so the reality is I think, as we continue to have these incidents, so we go through these things, [00:26:30] as those kinds of data are disclosed. Health systems can continue to use that kind of data to make their case. As you’re saying, we say this all the time. It’s not it’s not an, if it’s a when.
[00:26:41] And in fact, I would make the argument that at most health systems you know, to use that analogy, there are bad guys prowling the halls every day trying all the doors. It’s not if they’re going to be there, they are there [00:27:00] already. It’s just, they haven’t tried the right door knob yet.
[00:27:03] Bill Russell: Have we gotten better? So if I were a CIO today, I would be, I’d want to be able to detect, right. That’s one of the keys is I want to know that bad guys are crawling around. Not that I may not be able to keep them from crawling around and getting in because there’s an awful lot of, I mean, as we’ve talked about before, I mean the attack surface is so, so large, but I want to be able to detect them very quickly and be able to [00:27:30] respond to remediate.
[00:27:31] But I’m more worried about the ransom. I get the phone call. It looks like a network problem. It feels like this. And then all of a sudden you realize, oh no, it’s ransomware. I get that phone call. I want to know that I can get us back up and running, not in 30 days, but I don’t know, 10 days, five days, two days. Are we making progress there do you think?
[00:27:54] Drex DeFord: Yeah. I mean, I think it depends on the organization and the partners that they’ve chosen. And I don’t want to turn this into a CrowdStrike commercial, [00:28:00] but I mean, speed is the key to the operation, right? The ability to be able to see that someone’s in and be able to determine that someone’s in and they’re actually doing nefarious things and then being able to kick them out before they can actually move laterally and do other kinds of crazy damage which becomes a much bigger incident response kind of event that you have to deal with. So speed is the key to [00:28:30] everything. And if you have the right partners, if you have the right sort of setup in your security program and your infrastructure, you can create this situation where you’ve got that. You can see the bad guys immediately and you can kick them out before they do any damage or before they do any damage beyond maybe the machine that they’re on. And then if you, and then you can put that machine back in service right away you also eliminate kind of the cost of today’s [00:29:00] standard, which is we’re just going re-image that machine, which doesn’t really solve any of the problems because you don’t know what happened.
[00:29:07] You don’t know why, or how the bad guy got in or what they what they were specifically doing often blow away all those forensics in the interest of getting the machine back in service so that the person who was using it can get back to work. So there are ways to do it today. But you know not everyone’s there.
[00:29:26] Bill Russell: So there’s a there’s an article here. I’ll be [00:29:30] honest. I haven’t read it yet. The title caught my eye, which is ransomware attacks to pay or not to pay. And is there ever an instance where you look at a health summit and say, go ahead and pay cause the pipeline pay and somebody else paid. I mean, so people are paying. Is there ever an instance where you look at a health system and say, yeah, go ahead and pay.
[00:29:49] Drex DeFord: So personally, this is me.
[00:29:52] Bill Russell: That’s high risk, right? It’s a high risk.
[00:29:55] Drex DeFord: Well, I mean look, here’s the bottom line. You’re already dealing with a criminal [00:30:00] who’s broken in and locked up all your stuff and now you can’t get to it. And so if you decide to pay, first of all, you’re dealing with a criminal, so maybe they’ll keep their word and maybe they won’t and their word is that they’re going to give you a decryption key.
[00:30:13] Then there’s the reality that sometimes, look, these are not the world’s greatest software developers that are in this business. They’re really good at encrypting decrypting. They don’t really care that much about decrypting.
[00:30:27] Bill Russell: We didn’t spend enough time on that code. [00:30:30] Man we shouldn’t really debugged it a little bit more.
[00:30:32] Drex DeFord: So you may give them the $10 million and they may give you a decryption key, but maybe it works, maybe it doesn’t. And even if it does, you’ve created a situation where you’ve now identified yourself as a willing victim and that you’re going to pay, so they are going to come back. You know, this isn’t a one-time dance that you’re doing. And you’ve put a bunch of money into the dark underground of [00:31:00] cybercriminals which as we’ve talked about on the show before isn’t one person who breaks in and then launches ransomware, and then negotiates with you and collects the ransom and gives you the keys.
[00:31:15] This is a whole crazy underground economy of cyber criminals who have sub-specialized as far as being able to get credentials and they sell them on the black market to the team that is really good at going in and casing [00:31:30] the joint. Right. And figuring out where all the crown jewels are and then mapping all that out, coming back out, selling that information on the dark web to the person who is, to the team that is really good at launching ransomware and negotiating for payment.
[00:31:43] These are major, major corporations. I saw something the other day that said, if you took the cybersecurity criminal the amount of money that has been made through ransomware over the past [00:32:00] year or two, that it would be like the third or fourth largest economy in the world.
[00:32:04] It’s a magnificently done well, engineered run by real CEOs kind of business that is in the business of stealing stuff from you. So you have to, you have to be prepared for that.
[00:32:22] Bill Russell: All right. So LockBit ransomware, recruiting insiders to breach corporate networks. A couple of things there. One is I’m not familiar with [00:32:30] LockBit. This is fairly new to me so any, any wisdom you can impart on that.
[00:32:35] Drex DeFord: Ransomware gang that has I don’t know, really great software that is super good at encrypting stuff very, very fast. And now apparently not only locks up the system but puts wallpaper up on the machines that says, Hey, if you want to give up any of your credentials and passwords you can be coming up affiliate and like, [00:33:00] what the hell? Sorry.
[00:33:01] Bill Russell: So is that what it means for recruiting, when they say recruiting insiders, is that after the attack has been launched or are they recruiting insiders to launch the attacks?
[00:33:10] Drex DeFord: Well, based on what I’ve read, I think it’s more about recruiting insiders to, you can make money for your credentials and your passwords. So you would hope that nobody would take him up on that, but I just don’t [00:33:30] know anymore.
[00:33:30] Bill Russell: That’s interesting. It is an HR issue. You need to have, if you have any disgruntled employees, they are there potential targets for people and if they identify who the disgruntled employees are, they could have an accomplice within .. We had 19,000 employees at St. Joe’s. I’m sure one of them was disgruntled enough to be coerced or underpaid enough to be coerced, to help for a certain amount of money. That’s a, that’s a very real [00:34:00] problem.
[00:34:00] Drex DeFord: Having spent 20 years in the US Air Force and had a top secret clearance. Most of that time the amount of background investigations and things that you go through specifically because of this, right? Everybody’s you want to make sure they’re not in a position to be coerced. You want to make sure that they’re out of position to be bribed or blackmailed. And we don’t do that with all of our employees. We certainly don’t have that kind of a machine, but it is the kind of thing that you need to make sure we all do but I think we could all do [00:34:30] better. We all need to have the machines set up so that when you’re engaged with HR, you’re about to let somebody go that everybody’s ready. While you’re in the meeting, having the conversation about somebody’s fired all of their accounts should be turned off. All the things that they have access to should be turned off. And that in some cases, because even employees who decide to leave on their own you’ll want, I do some and some forensic investigations on what did they download and what have they transferred? And those kinds of things, [00:35:00] because you just don’t know and you have to protect yourself.
[00:35:03] Bill Russell: Yeah. I know at a consulting organizations I’ve been at over the years, we were very curious as to what people were downloading and taking. And they kept coming up with more and more sophisticated ways to make sure that people couldn’t do that. But speaking of consulting firms, so Accenture downplays ransomware attack as LockBit gang leaks corporate data. And that is one of the, one of the risks here. Right. And Accenture is [00:35:30] probably, yeah. I mean, definitely well-funded definitely smart group of people and they were able to get in, gets us to some corporate data and now they’re, they’re posting it out there. Does that mean there’s no hope for any of us?
[00:35:45] Drex DeFord: No, I don’t think that’s what it means. And you get different sides of this story too. That’s where a lot of the investigation, part of a post-breach and incident response is really important. There are bad guys posting [00:36:00] stuff that they say they got from Accenture, but it maybe wasn’t necessarily from this breach. I mean, who knows, this is what the investigation needs to kind of reveal as this is this data that was already available on the dark web. And this gang is posting this stuff and making these claims because they have some other reason to try to make Accenture look bad. I mean, if you’ve read Accenture as part of the story, they say, this was just a scratch. Somebody got in, definitely. Somebody got in. We don’t think they downloaded anything. We [00:36:30] resolved the attack very quickly and went put everything back in service. So the devil’s in the details in the, yeah. In the investigation and I’m sure more, more will come out on this breach. We’ll learn more of the facts as time goes on.
[00:36:45] Bill Russell: Interesting. Drex, any other stories or anything else going on and you want to want to discuss?
[00:36:51] Drex DeFord: I just saw this morning, T-Mobile had a breach too. There’s several healthcare systems that have [00:37:00] recently had breaches that have driven diverting ambulances and postponing surgeries and those kinds of things. It feels like it we’re on the daily now. It feels like, I mean, it’s not really the daily but it feels like every week there’s at least one or two of these in healthcare. Which is really frightening, critical infrastructure, right? People depend on this. If you’re in the middle of it. I don’t know I’m making this up, but if you’re in the middle of South Dakota and your hospital gets breached, then [00:37:30] you have to divert ambulances.
[00:37:31] I mean the nearest hospital might be a hundred miles away. It’s not, this is really, really serious. So we’ve got to keep working on it. We’ve got to keep working on it and making it better.
[00:37:41] Bill Russell: Yeah. So the most recent one I saw about was Ohio Health and I saw that on 3x Drex 4 8 4 8, 4 8 2
[00:37:50] Drex DeFord: Text Drex to
[00:37:51] Bill Russell: Drex to 4 8 4 8 4 8. I haven’t done that in a while. Sorry about that. Are you still getting those out or is that getting hard?
[00:37:59] Drex DeFord: I have [00:38:00] I hit a little bit of a slack. I was a little slacker for awhile, but I’m back to it now. It’s not, it’s not that it’s harder. There’s plenty of stuff to share with people. For me, it’s more about time than just sitting down and cranking it out so.
[00:38:18] Bill Russell: People are always asking me, it’s like, are you worried about all the oncoming competition in podcasts. And I always say the same thing. No, not really. I said, because I know how hard this is to [00:38:30] be consistent and do it every week and do the daily show every day and that kind of stuff. And I’m like most of these podcasts will start and end well before we stopped doing this so but you
[00:38:42] Drex DeFord: There’s so much news and there’s so much specialization and subspecialization that the beauty of, I think the space that you’re in is that people don’t have to just tune into one podcast. They can listen to lots of different podcasts, even if they’re in the same niche, because they [00:39:00] pick up different pieces of news from those different channels and they don’t have to listen to it real time. Right. The other thing you’ve created is this asynchronous ability to like, I can listen to this when I run or when I when I’m in the gym or on the drive home. So.
[00:39:15] Bill Russell: Yeah. That’s why we’re going to launch multiple new shows next year. So we’ll see. We’ll see what happens. Drex always a pleasure to talk to you. I’m sorry. My chair is so far down. I looked like, I looked like mini me now. I’m so low, low in the chair.
[00:39:28] Drex DeFord: Same, same, same [00:39:30] here, man. Always good to be with you. You look good. I don’t care what they say.
[00:39:35] Bill Russell: I want to talk today. Hey, thanks again. Take care.
[00:39:38] What a great discussion. If you know someone that might benefit from our channel, from these kinds of discussions, please forward them a note, perhaps your team, your staff. I know if I were a CIO today, I would have every one of my team members listening to this show. It’s conference level value every week. They can subscribe on our website thisweekhealth.com or they can go wherever you listen to podcasts, [00:40:00] Apple, Google, Overcast, which is what I use, Spotify, Stitcher. You name it. We’re out there. They can find us. Go ahead. Subscribe today. Send a note to someone and have them subscribe as well. We want to thank our channel sponsors who are investing in our mission to develop the next generation of health IT leaders. Those are VMware, Hill-Rom, StarBridge Advisers, Aruba and McAfee. Thanks for listening. That’s all for now.