Newsday: The Perfect Storm in Healthcare Cybersecurity: AI, Costs, and Risk with Russell Teague
Episode 10429th September 2025 • The 229 Podcast • This Week Health

This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.

Thanks as always to our partner Fortified Health Security. No matter where you're at in your cybersecurity journey, Fortified can help you improve your cybersecurity posture through their 24/7 threat defense services or advisory services delivered through Central Command, a first of its kind platform that simplifies cybersecurity management and provides the visibility you need to mature your program.

Learn more at fortifiedhealthsecurity.com

I'm Bill Russell, creator of This Week Health, where our mission is to transform healthcare one connection at a time. Welcome to Newsday, breaking down the health IT headlines that matter most. Let's jump into the news.

 Hey everyone. I'm Drex. Welcome to the show. I get Russell Teague with me today. That doesn't happen very often. Okay. You're on the road all the

time. I absolutely am. It's great to see you Drex. I'm looking forward to this conversation as always.

It's, we always have such enlightened conversations around what's going on in the industry and look forward to this one again. Yeah,

thanks. I'm just joking. We do this pretty regularly, so it is, it's always good to see you. I forget sometimes how often we're together at other conferences, at 229 Project events, online.

Online, not recording. We also have a lot of sidebar conversations about stuff that's going on too. So it's good to see and good to have you on the show.

Same.

There are so many things going on in the news right now. We were just talking about how like we have weirdly created this situation probably unintentionally.

Definitely unintentionally, a lot of interesting ingredients are coming together to almost create kind of a hurricane for us in cybersecurity and healthcare right now. And so let's just start with one of the ingredients. It's AI. There's a, a. There's a story in Yahoo Finance about generative AI in the cybersecurity market being worth 35 and a half billion dollars by 2031. What's your take on that?

Well, AI is, I said before, AI is definitely here to stay. It's going to continue growing. At a, at an, just a, an amazing rate, an astonishing rate. That's not gonna come without its own pitfalls along the way. Right, right. There was an MIT report recently released that, that actually did a study analyzing all the AI initiatives across MSPs, MSPs, you know, partners, providers.

Right. And in general the consensus in reviewing all these organizations and their initiatives as well as, the the leadership to them less than 5% or right, or right, maybe Right around 5% of them have been actually successful that result in positive return. Now I believe the aperture on the view is still too narrow.

I don't think it's been long enough for these initiatives to actually. Go through because with any major transformational initiative, you're gonna have an increase in spending associated with everybody adopting it before

the return comes in. Yeah.

Yeah. And so I think the MIT report is very insightful.

So I, and I encourage it. I'll send you a link to it you can post to it. But I think it also needs, the aperture opened up a little bit, right? Because the spend is definitely there. We're seeing it pro projected everywhere. When I think about ai though, I think about it from three different, medical providers. Right. Health hds are using it to, help with therapies, outcomes, patient operational workflow efficiencies. Clinical efficiencies. Yeah. I mean, all of those. But then there's the both adversarial, offensive use of ai and then the, defensive side where most MSPs, MSPs and so many others are using it as a defensive tool.

So that's three, that's three legs of a stool. Right. And so AI sitting in the top. And so it's important when you have an AI conversation reflect on which of those attributes are you really talking about, because. Ai kind of like cybersecurity. It's just a tagline. And then there's a hundred things underneath

of it.

And there, there's versions of this too that are when you think about AI and the AI that's being used in the health system on the operations side or clinical or business research, there's, the software as a service part of it. Where on Thursday, turns out there's a new button in my application that is ai.

That's right. There's the stuff that some health systems are building for themselves, agents and other things. So a lot going on the operations side too, that may or may not be built in a tight way to make it secure.

Well, from a marketing perspective, I was, recently out at Black Hat and right.

And everything across the board is AI this and AI that. Right? But when you really begin to scratch the surface and ask what is your implementation of AI, a lot of times it's hyper automation, hyper workflow. Advanced coding techniques, not necessarily pushing things out to an AI generative model, right?

Mm-hmm. Um, There may be some later attributes associated with it where they're using large language models, generative ai and other mechanisms to be able to do that. But again, AI still is on its journey, right? And it's an ever evolving one and will continue to be so

Let me ask you about the other two arms.

Yeah. What are you seeing on the defensive side? How are security teams using ai and where are they being successful? Were they struggling? You're out there all the time. What do you see? Yeah.

So, so definitely the, the, security manufacturers, the software manufacturers are using AI to drive operational efficiency, take big data in, analyze it.

The, your EDRs, endpoint detection responses, your network detection responses. Yeah. The SIEM products. SIEM products, right? They're all now using AI agents to be able to help them. Co navigate and actually make the analyst a better analyst, right? Because it's feeding them information.

It's been gathered from all the various disparate systems. They're no longer swivel chairing and bringing all that data in. So it makes them faster, it makes them more consistent. More effective.

It's almost like they have another junior SOC analyst. Yeah. Right. Like, you know that you can. But I wrote, I think I wrote something about this the other day.

I probably didn't write about it. I probably thought about writing about it. But this idea that, anytime you have a trainee in your organization, you tell 'em what to do and you watch what they do and you double check 'em, and you triple check 'em, and that goes on for a while. And then you trust that they, yeah.

Know what they're doing and they're able to execute it, and then you kind of let 'em go off on their own. Is that the same way you're seeing folks start to think about these?

I think so and I'll just speak to our own journey, right? When we think about AI adoption within our world, we're thinking about it.

The human still has to be in the loop, right? It's, I mean, there are gonna be, I think elements of, false positive versus true positive analysis on the front end of triage. Yeah, right? Where we are looking at, 80% of alerts that come across are oftentimes false positives.

People calling in or trying to connect in from unauthorized geos because they forgot to, to put their travel authorization in. Right, right. I mean, you see it all the time. And so, using an AI agent to be able to work through that triage and zero that down.

Right. And then still pass it over to a human for some efficacy and review process before. I think over time it'll get into an auto mode. But I think we're still a ways away from that. And then you'll have AI assisted investigations, AI enhanced or ai enriched escalations where you know the response is back out.

You an event comes in, it gets triaged. It's considered a true. Positive. It's, the investigation is conducted, it's enriched with AI input into it. The analyst reviews accepts right. Make some adjustments to it, maybe even ask the AI to go get more information to populate Sure. And then push it back out to the,

one of my best options here.

And it gives you one, two, and three and you're able to tell the agent, go execute.

Number one. And then the last phase of that, 'cause when you really think about from a cyber operations perspective, is really the triage the investigation, the escalation, and then the response to that.

Right? And so that last holy grail would be response, right? When can it detect and respond

all the way through, run the whole chain. That would be great. Yeah.

And well, I mean, so some people are gonna love it. Right. Those that are forward technology leaders and leaning into it, there are gonna be many others that don't.

So I don't think there's a single path that's, that you can implement for all. I think you have to have multi-path where the human is in the loop, or you can just turn it off or the AI is not in the loop at all for those clients. 'cause there's gonna be late adopters.

I, and I think, you guys have heard me say this all the time.

I know I've heard you say it too. There's a lot of this that as we talk about it. Always for us, always in sort of context and I, in my head I say, wow, that'd be so cool. Yeah. But at, in my next breath I'm like, oh man, that could be also really bad. Something could go haywire. If you're compromised somehow that agent is compromised, that also could be really bad.

So

always a double edge right. Sword. It's always a double

edged

sword.

Yeah. Yeah. Yeah. What about bad guys? Bad guys are also using this stuff. What do you seeing there? How are they being successful? What's the tricky, what's the tricky stuff we gotta look at?

They're obviously rapidly adopting the use of ai, right?

They're trying to become more efficient in their process. Get better content out. The integration of deep fakes and audio and video recordings. How do I spoof the help desk? How do I spoof the doctor or the clinician? All of that's definitely out there, and they're gonna continue to take advantage of that.

After all, they, they're focusing all their time on doing that. They're business people.

I mean, they are technology companies who are in the ransomware business or in the data exfiltration and hostage taking business.

Yep. The thing that I think stands out the most is. Those that are wanting to get into that, AI is making it much easier.

That compounded with ransomware as a service and malware as a service, right. Where the, some of the older, more mature threat groups and nation state threat actors are now turning it into a business, monetizing it, selling it to those that are still learning and enabling them. But it's a, it's a very fascinating ecosystem when you begin to start really breaking apart the threat groups, what they're focused on, what their initiatives are. Make no mistake. It's all about money, right?

It is.

And this whole as a service, as you said, this whole as a service economy in the dark web right now is making it really easy for freshly minted cyber thugs outta the gaming world to be able to do a lot of really bad stuff, a lot of damage in short order without a lot of skill because of the things they can just buy with Bitcoin and and link together and turn on.

I remember a time, probably about 8 to 10 years ago where there was actual some honor amongst them, right? And so if they found out that they hacked a hospital and actually created downtime and major impact, I have seen and have worked with.

from a response side where they'll just give you the keys back, oh my God, we didn't realize what we did. Yeah, right. They give you the keys. Right. And then, but then you get the, you get the data exfiltrate, part of their business coming back and wait a minute, I still want my money.

Right? Yeah. And so, and so the ransom negotiator may be giving you the keys back, but I'm not, I'm still gonna sell your data. And so

Even the ransom negotiator now in some cases has become an AI bot agent, and it has a routine that it runs through as it escalates the pressure on you to pay.

Right. You're not talking to people. I don't know if you say operator, maybe you get to, I don't know, sir. I don't know how it works, but I know that I've read a lot of stuff and talked to a few folks here recently where, The investigators are really clear.

They're not working with a human. On the negotiation side, they're working with a bot that, that is not easily influenced.

You're probably talking to HAL.

Open the pod bay doors, HAL. No, I'm not gonna do that, Dave. Yeah. One of the other things I know as you travel around the country, that is a topic that you hear about a lot.

I hear about a lot. City tour dinners and its summits is the One Big Beautiful Bill and the concerns over resources and Medicaid cuts and all the other things that seem to be piling on here. Not just with that, but. CISA cuts and a lot of other things that are happening with state, local, grant money and, just the list goes on and on. What's the feedback you're getting from the field?

The provider ecosystem, especially the rural lower end of healthcare. Right. Seriously concerned. Right. Seriously concerned. These. Implications associated with the Big Beautiful Bill, some of the tax cuts, DOGE and the efforts they're doing and the restructuring within CMS, HHS and CDC right.

Are all creating a, an environment of uncertainty for one. Right. And so that, that's probably a topic on itself, right? Just around. The DC administration and the uncertainty. Yeah. I mean,

CFOs love down certainty. They love reliability. They know what's gonna happen. Yep. It lets them have some kind of projections into the future financially.

And that whole system is kind of. Scrambled eggs right now.

It is. It is. And so I, I'm headed out to LA this weekend for an IPMI, I'm talking with lawyers and CFOs. And that entire conversations around the implications associated with this and AI in general. Right. And gets into the contractual law, data rights and permissions derivative rights usage.

Right. Can you take my data and train your model? And how do I get my data back out, right? Can I, even if

it's de-identified,

yep. All of that comes into play. But yeah, with the CFOs are sharing with me, they're anticipating a 30% reduction in reimbursements through Medicare, Medicaid and so they're starting to ask their businesses to think about.

Evaluating services that may be not as profitable as others. So which services can we maybe shutter or shut down? And use the resources that we have and the available to, to support those that are way more profitable. But the

challenge in that sometimes can be, especially if you're a rural hospital, but the only other hospital that has that service.

Is 300

miles

away. Exactly. I almost have to like fly to another organization to get mental health services or things that aren't you know, they're not surgical services, which are, which, have better profit margin.

Yeah, no, you're 100% right. It's there's gonna be some challenges in these elder organizations.

I would say mid-enterprise, three to 5 billion and below right, are all gonna kind of struggle, right? Until you get to the top right? What I really can solve, the true enterprise healthcares, which, they're obviously doing well, right? And they're large enough to handle some of this stuff, but they're still gonna feel impacts as well.

It really depends on a lot of it, the demographic that you serve, if you're serving the uninsured in the low income, if your payer

mix is 80% Medicaid, right? And Medicare There's gotta be some kind of reckoning.

Yeah.

If your payer mixes it, because what we've done traditionally is that, if you make a tiny bit of money on Medicare and you break even on Medicaid and you almost sort of cost shift some of that to the payer, the.

The actual insurance companies who are paying the bill, and that's how you stay afloat. And then you add some donations from, the folks who are sending money regularly to the hospital foundation or whatever, the

foundations. Yeah.

You figure out how to pull it all together.

But there's pressure on all that. Now, the pressure on the insurance companies. Although they continue to seem to be pretty profitable. Yeah. But pressure on the foundations too, because people who would regularly, normally donate to those hospital foundations are under their own economic pressures. Now it's just, I mean, we do have a bit of a hurricane.

So the next question is, what are healthcare delivery organizations doing to, yeah.

To

kind of prep and to get ready.

Yeah. Great. Great question, Drex. I've been talking with a lot of 'em over the last probably three to four months trying to understand where they're thinking at, what they're hearing.

'cause they're all, most of them are all getting ready to go into their either 26 budget cycle or moving into their 26 budget with those kind of reductions. Right. 30 on some cases up to 50 on others. I asked my CISOs and my CIOs, what are you doing in cyber?

Right. I mean, and they're like. Well, everything is, for one, our budgets aren't approved. I don't have authority to just go sign and execute. I need to go back and ask for secondary approvals. We have to justify the spend for everything, and every relationship now is up for renegotiation in terms of if it's coming up for renewal.

Right? They're looking at not only the same vendor, even if it's a, even if it's a very, if it's a great partner, they're gonna re-look at 'em to see if one. In the technology race, are they bringing the best and for the best price, best technology for the best price. They have to shop everything and look at how they can optimize their program.

The other thing we're seeing is where they're starting to consolidate. Right. Bring many things to a consolidated partner. Sure. Right. That allows some cost savings down, because obviously if you distribute. Your EDR over here and your SIEM there and your, your, all your other technologies.

Right. The totality of that is usually much greater than if you were to consolidate and bring it. There's

integration costs that we started on this path originally when we did electronic health records. Mm-hmm.

We

didn't have a single system that did everything. We bought an ED system, we bought a, a reporting system.

We bought a radiology system. We bought. Blah, blah, blah. And we figured out how to put 'em together through an interface engine. Right. Maybe for security people that would be a SIEM or something like that. Yeah. And so the conversation now about how do you consolidate create less work.

It's definitely, I mean, those are a lot of conversations like that I'm having where we get people in our executive briefing center in Brentwood and we break down their current state of their program, people, process and technology, what their current spend is, where their renewals are at, what technology is using.

Whether that's, current technology or legacy technology, really open up that conversation to try to spend a day or two in strategy, in strategic thinking to, to identify what is the path forward, right? How do I actually get more out of my program using the dollars that I have, because.

My CFO's not gonna give me anymore. I'm lucky if I can hold flat, but if I can demonstrate how I'm gonna redeploy dollars, mature my program, but keep it flat that's a storyline that most CFOs are wanting to hear right now.

A lot of this is about the business plan, so. I talked to Dan your CEO, about the briefing center the other day.

Yeah.

I'm gonna get to a briefing center. Hopefully I can do it in conjunction with one of the organizations who come to the briefing center, and I'm happy to sign an NDA and sit in and, yeah. Just kind of hear what they're doing. But the idea of what you guys are doing taking people out of their daily. Fire drill environment, putting them in the briefing center, giving them the opportunity to kind of have a retreat and think through their plans and think through their strategy and beyond the curvature of the earth. It's a really interesting concept. Have you had folks go through it?

How many and just generally how's it going?

Yeah. We, 10 or 12 have already gone through it. Right. And their, our schedule's filled up into mid of next year. So almost every week somebody is now inbound except for major holidays or whatever. But I was just up there last up there this week, early this week, doing 'em, I was there last week doing them.

The feedback has been tremendous. I mean, absolutely amazing, right? Not only does it strengthen the relationship, but they can hear about what's going on across. Their ecosystem across, what are others doing, right? And so we're bringing in these CISOs that working across mental, many organizations we're, we've got the reps there.

Dan and I are usually there. We're talking about, feedback that we're hearing, and then we're really unpacking and spending all the time on their organization, their thinking and their decisions, and helping them actually formulate. What the next three years might look like for them, right? And how they can actually do something different because the threats aren't changing.

They're only continuing to evolve and getting worse. Financial pressures are only increasing, right? And so, you know that perfect storm is bearing down on 'em and they've gotta prepare themselves for that. How do you batten the hatches down and begin to navigate that? And so the briefing center is a great place to do that.

I feel like I need to ask you one more question. What haven't I asked you about today that we should talk about? We will, we've kind of gone around the world today, but

I would say something that Dan, that's, that, that resonates in an article that Dan did around thinking differently.

Right now is the time to definitely think differently, right? The old approach. Divide and conquer. Get all the technologies We're living in a new frontier associated with AI on one side, advanced threats and us not winning, and then not having a strong regulatory and legislative landscape.

That requires us to think differently. And when you start thinking differently when you are. Open and allow yourself to think differently around how you attack this problem. That's when true innovation changes and you get inspired to be able to actually go do something different.

We spent tons of time with zr up at Seattle Children's. I mean, he's wonderful outta the box thinker, Always looking at for the forefront. So, these are the transformational leaders that I think that will make change. And, Ross Young Dale at Phoebe and Stuart over at Northeast Georgia and so many others are just transformational leaders that are thinking differently and allowing their program to evolve.

It. We do live in a time where that idea of, this is how I've always done it. I made this investment three years ago and I have emotional attachment to it. Yeah. And this is how, this is what good looks like. I don't think we have any room for that anymore. Like that was a perfectly awesome decision that you made three years ago to buy that thing.

That's just, let's take a moment. Mm-hmm. Take a beat, take a breath, look at how technology has evolved, how services have evolved, and let's think about a new way of doing that might be more efficient, less burdensome. And not hooked up sometimes on what really is legacy technology now.

So That's right. That is great advice. Think outside the

box. Think outside the box and always challenge, right? I mean that great partner and great technology three years ago when you bought it and you paid at the peak of its value, I

bet

three years later may not still be the same value, but yet everybody wants to add CPI increases.

Yeah. And go up versus bring it back down. Yeah. And we live in an economy world, right? Where we need to think about, sometimes things go up and sometimes things go down. And so. But mean I'm a provider, so it's crazy to think of it that way. But as a true healthcare partner, we have to think that way, right?

Because this is trying times for everyone, right? And navigating this to continue to throw threats is what we all have to do. The only other topic I think that comes to mind is is the world of M&A right now. Both in healthcare, right? And in

cybersecurity.

And in cybersecurity it's happening all over, right? So it's it's been a very busy, second half of the year and I think that will absolutely continue into next year as well.

Hey, thanks for being on the show. Always have a good time. I always feel like we could go on for like two hours.

Yeah.

Talking about stuff. But Russell Teague from Fortified Health Security you're awesome. I'll see you on the road sometime soon.

Absolutely. Thanks Drex. Thanks everybody.

That's Newsday. Stay informed between episodes with our Daily Insights email. And remember, every healthcare leader needs a community they can lean on and learn from. Subscribe at thisweekhealth.com/subscribe. Thanks for listening. That's all for now.
