This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.

Executive Interview: Securing Healthcare's Hidden Attack Surface with James Winebrenner

Speaker: I'm Drex Deford, president of Cyber and Risk here at this week, health and the 2 29 Project. Our mission is Healthcare Transformation powered by community. Welcome to this executive interview on the UnHack Channel. Real conversations about managing risk at the highest levels.

Let's dive in.

Drex DeFord: Hey

everyone, it's Drex and I'm here with James Wein, Brenner from Ity.

Uh, it's been a while since we've seen each other, but we spent a lot of time together, uh, last fall at Lake Oconee. Um, good to see you. How you doing?

James Winebrenner: Good to see you. Drex. It had, I can't believe it's been, uh, four or five months. The, the winter came and went and, uh. Uh, doing well and, and buckled up for, for RSA next week.

Drex DeFord: Oh, man. Cool. Uh, a lot going on there. So, start by telling me a little bit about yourself and your background, uh, and how you wound up at Elicit, and then yeah. Tell me a little bit about what you have planned for RSA.

James Winebrenner: So I've, uh, I've had the privilege of spending, uh, the entirety of my career, uh, the last 25, uh, ish years in, uh, in cybersecurity and infrastructure.

Um, being able to. Uh, uh, identify and secure, uh, assets regardless of what they are uhhuh, uh, whether they're, uh, it, uh, ot, you know, FDA regulated, uh, uh, uh, clinical devices. Uh, but to be able to secure them in place, uh, without, uh, without requiring, uh, uh, a lot of replumbing of the network or, uh, uh, a lot of work.

Drex DeFord: a lot of [00:02:00] folks, uh, talking about you at the HEMS Conference last week, um, and I know you had a lot of folks there. What was the buzz or what, what kind of feedback did you hear from, uh, from the conference and the, the work that was going on there?

James Winebrenner: we had a great, uh, a great event at at, at himss. We are always excited, um, to be able to participate and, and what we try and do in, in all those cases, drex, is look for opportunities to provide a platform for our customers to be able to talk about what they're, what they're doing, um, and for them to be able to share.

A little bit about how they're going, about some of the programs they're implementing, uh, whether that's directly with, uh, with Felicity or, or just some of the other things that are happening. And that was certainly, uh, on display last week. Uh, we had, uh, uh, Aaron Weissman from Mainline Health out in Philadelphia, uh, uh, up, uh, talking about, uh, some of the, the transformation that they've been able to drive, uh, in their, uh, cyber program as a result of our partnership, and then some of the other things that he's been able to, to, to drive around that.

Drex DeFord: Aaron Aaron, uh, I'm a, I'm a big fan of his and all the work, um, that he's done up there. Uh, I don't wanna get too far into a use case, but can you talk more about what you've done with Aaron and, and the folks at Mainline? Because it's been very creative. I mean, he just is naturally that organization I think is naturally creative about how to solve complicated multi.

Process, multi-issue, um, concerns, and I think they've done a good job working with you guys and, and, and working through some of their challenges. So yeah, talk a little bit about that.

James Winebrenner: I mean, I think what mainline went through is very similar to the conversations we're having with, with a lot of folks in, in, in clinical, um, uh, healthcare settings, which is, you know, sort of phase one is trying to understand, , what in the world do I have running in my environment?

Um, and then we have, uh. Regulated clinical devices that are running and all of this is running on the same network. And, uh, all of it is, you know, bringing some degree of, of, uh, of risk, but is also all, you know, critical for, for patient care. And so in the case of mainline, you know, I think they, uh, they started their project, uh, deploying, uh, arm iis.

Um, to understand kind of what was running in the environment and understand, you know, the relative risk factors associated with, uh, with some of those unmanaged, um, um, medical technology and and mm-hmm. And IoT devices. And then, you know, I think Aaron was, uh, caught in the very classic conundrum, which is, you know, you turn on amis and the next day you see, you know, 48,000 blinking red lights saying, Hey, I've got all this stuff that I didn't know I had.

Drex DeFord: And

James Winebrenner: now what do

Drex DeFord: I do? Yeah.

James Winebrenner: Yeah. And the traditional, like, well, do we go. You know, start a patching program to try and find all these things and patch them. Or do we, uh, do we, you know, uh, segment them by, adding firewalls and creating A-V-L-A-N and trying to move, you know, manually move devices over?

Like, what are the, what are the ways for us to mitigate the risk associated with that footprint and what mainline, uh, experience working with us, which is what, what, you know, the, the whole reason we exist is. And we're able to take that arm data, drop it into our identity graph, and immediately be able to map a mitigating control policy, uh, back around those assets while they're running in situ without having to re-plumb the network.

Drex DeFord: Mm-hmm.

James Winebrenner: Without having to go through, a lot of change. And that's one of the things that Aaron, I think is the most proud of, is the speed with which his team was able to take and go from visibility to. Control and having that, that mitigating control policy in place. So,, we're always excited for, for, again, for customers be able to kind of tell their story.

Drex DeFord: That's great. Um, I know that, uh, we, we had sort of talked very briefly, uh, before we started about the ambulance chasing problem in cybersecurity and in healthcare cybersecurity in particular.

And I know that you guys, uh, are not. On that path. Um, but it is interesting to see sometimes when the bad things happen, uh, you know, everyone tries to come outta the woodwork at a time when folks don't have time, um, to talk to a hundred, uh, different partners. It, it turns out that's really important why you do the pre-work so that you don't have to make a lot of those decisions in the heat of the moment and pay a premium because of it.

Right.

And so, you know, that that concept of sort of piling on after the, the incident gets announced is just, I mean, it's, it's disrespectful, frankly. Uh, and this is a big part of where again, we are trying very hard to amplify the success stories the customers are seeing, where they are proactively able to get out in front of, uh, getting some of these controls in place and, um, and really talk about the fact that it doesn't have to be as hard or as complicated as it used to be.

Uh, and, and, um, and, you know, show, hey, what this is the art of the possible, uh, with if we leverage the, the, the, the, the new technical approach that we've, uh, that we've brought to the table. And so that, uh, hopefully puts us in much more proactive than, than reactive. Mode. We're always happy to help, uh, when, uh, when folks are trying to recover from an incident, but would much prefer to be on the front end of that equation.

Yeah. Speaking of which you're watching the pit.

James Winebrenner: Yes,

Drex DeFord: yes. Everybody's new favorite, uh, hospital TV show, um, now in like its third season or second season. It's been going on for a while. Uh, there's a cybersecurity incident going on right now in the pit.

James Winebrenner: It's funny that you bring this up.

I think this has been, uh, an interesting opportunity for us to be able to kind of have this conversation with some folks that, you know, again, you hear about ransomware, you hear about, you know, you see the, headlines of such and such a system, you know, got shut down. Uh, but we don't really understand the implications of it.

This patient care, uh, but literally, you know, doing so, uh, not even understanding kind of how these processes work. And so it's been interesting to have it in sort of an abstract Hollywood version, uh, to be able to, you know, have conversation about where we're, we're Again, we're not, uh, we're not kind of piled onto somebody that's going through it in real time, but unfortunately, I mean, the reason it's in the Hollywood vernacular is because we're seeing these headlines, you know, continue to see them, you know, time and time again.

Drex DeFord: How, how do you think they're doing, uh, with the, with the depiction of the event?

James Winebrenner: It's, it's very interesting to watch. I mean, clearly they've gone over the top on some things. I think the, you know, the, the, the 23-year-old that had never seen a fax machine and didn't understand what toner was, you know, and part, part of that's just, you know, me showing my age.

And then what happens, you know, kind of when the, when the lights go out.

Drex DeFord: Yeah. There's a lot of, um, I don't know, I just, I've always, since I've been here, I just have clicked that this is the way we did it. This thing has happened and now I, I don't know how to, I don't know what actually is happening behind the scenes.

So, um, the struggle to kind. Stay on top of it. So if you haven't seen the Pit for, for folks who are listening, you haven't seen the Pit, we don't wanna spoil it for you. It's, but it's, it's a very interesting set of episodes, um, that are happening around this event. Last question that I should probably ask you about RSA and you're going to RSA, uh, what's happening there?

What are you expecting to get outta RSA? What's the exciting part of, um, I mean, it's giant. It's a huge conference. It's bigger than himss.

Um, we try very hard to, uh. One, not get lost in the noise. Um, and, you know, my belief is, you know, our, our customers are not necessarily gonna be the folks that are, you know, walking the floor, you know, looking for, uh, tchotchkes and t-shirts and things. Um, we try and create opportunities for, uh, prospects, uh, folks that are interested in what we're doing.

To spend time with folks that are, uh, that are already, uh, on the platform and, and literally get the, the learnings of understanding, you know, how did you solve this problem? Why did you choose Felicity? What's the partnership been like? So we, we really work hard to foster those interaction opportunities.

There's enough of our customers that are traveling for it anyway, and it just, uh, makes. Sense to get everybody together for, uh, for, you know, essentially a half day ahead of the event. We do it up in Napa, so it's beautiful and it's a great opportunity again for us to get feedback directly from our existing customers.

We have our product and engineering leadership there. We share what's, uh, you know, what's on the roadmap. A lot of the feedback, uh, the customers are, are, uh, giving to us on, uh, on where they want us to take the platform. And so it's a great, you know, way to kick off the week, uh, interacting with, with our customer advisory board.

Drex DeFord: Yeah. Love that. Um, man, I feel like there's a hundred other things I could ask you, but we probably should, uh, manage the time here. I really appreciate you being on. Always interesting to have the conversation, always in interesting to hear what you are thinking, where elicits going, and uh, I appreciate you being on program.

James Winebrenner: Thank you very much, Drex. Always great to see you.