This Week Health

Don't forget to subscribe!

July 26, 2024: Michael Robinson, VP of Healthcare Solutions for the Americas at Omnissa, joins Bill for the news. They delve into the current state of cybersecurity in healthcare, emphasizing the rise in ransomware demands and the crucial need for mature security postures in health systems. How can health systems better manage the increasing threat vectors from device proliferation? What role does AI play in enhancing security measures, and how effective is the adoption of zero-trust architecture in preventing breaches? The conversation also touches on the evolving use of Gen AI in healthcare, particularly in administrative versus clinical applications. As Gen AI tools become more prevalent, what are the implications for patient interactions and the necessity of human oversight in AI-driven healthcare solutions?

Key Points:

  • 00:28 Michael Robinson from Omnissa
  • 00:58 Omnissa: Company Background and Offerings
  • 02:56 Ransomware and Security in Healthcare
  • 06:52 Password Management and Zero Trust
  • 11:03 Gen AI: Opportunities and Challenges

News articles:

Transcript

This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.

  All right, today's episode is brought to you by Omnissa. The Omnissa platform is the first AI driven digital work platform that enables smart, seamless, and secure work experiences from anywhere.

It uniquely integrates multiple industry leading solutions, including unified endpoint management, virtual apps and desktops, digital employee experience, and security and compliance through common data, identity, administration, and security. and automation services. Built on the vision of autonomous workspaces, self configuring, self healing and self securing, Omnissa continuously adapts to the way people work, delivering personalized and engaging employee experiences while optimizing security, IT operations and costs.

Check them out today at thisweekhealth. com slash Omnissa.

 Today on Newsday.

just to make sure that you're making it as difficult as possible. So that one password won't get you the keys to the kingdom, so to speak. My name is Bill Russell. I'm a former CIO for a 16 hospital system and creator of This Week Health. where we are dedicated to transforming healthcare, one connection at a time. Newstay discusses the breaking news in healthcare with industry experts Now, let's jump right in.

(Main)  All right. It's Newsday and today we're joined by Michael Robinson, VP of healthcare solutions for the Americas for Omnissa. Michael, welcome to the show.

Thank you, bill. Pleasure to be here.

Michael, I'm gonna give you a couple of minutes here at least to tell people what Omnia is if they're listening to this Newsday show for the first time. Some people might be saying What is is Omnia a new startup? And it is a 4,000 person startup, but give us a little

background.

Yeah. And we're really excited about that. Thanks for the opportunity, bill. So, Omnia. Is a brand new company. It's backed and invested in by KKR as a private equity investor. We are a 20 year, 20 plus year startup. And so, through acquisition at VMware. And now subsequently Broadcom, and we spun out the division separately.

So, as you mentioned, it is a 4, 000 person organization. We were formerly the EUC division within VMware Broadcom, and have now stood up a separate entity focused purely on making sure that we are providing the best digital foundation for our customers and again, we have, I believe, over 20, 000 customers significant annual recurring revenue as well as the fact that we are one of the innovators in the marketplace in this space.

Fantastic. So you have Horizon, Workspace ONE what are the other solutions that came? All of that

device, our Intelligent Hub, our Workspace Intelligent Hub which does some analytics and analysis as well. So yeah the whole full breadth of the portfolio for unified endpoint management.

as well as virtual desktops, whether it be on prem or in the cloud and then app delivery.

Awesome. So, we're going to jump into the news. That would be news in and of itself. I'm missing that brand. Is only, what, a couple weeks old? It's 10 days old. 10 days old, so that's news in and of itself.

Yeah, really excited. So you're not a part of Broadcom at all anymore? You're a separate entity? Not

anymore, we're a privately held company, as I mentioned before, 4, 000 employees significant annual recurring revenue, and we're a market leader in both unified endpoint management, and The virtual desktop space.

So, we're excited. We have energized employees that are ready to go. It's been a few months coming. But again there's a new day. It's a new dawn.

Reading. In the first half of:over the same period in:

Due to new SEC mandated breach disclosures, the impact on the data has been substantial with private businesses reporting 29. 7 million affected records. Government's 53, 000 in healthcare, 5. 4 million records being exposed. I think people could feel like, hey, we're not hearing as much ransomware, therefore it's not as prevalent.

But my gosh, still, if you really have your ear to the ground, it's still very prevalent in healthcare. Yeah,

I think what in the news, Bill, is just the tip of the iceberg. And, I think, as you mentioned, the SEC requirement around breach disclosure will show that, healthcare is probably one of the most targeted industries globally in terms of ransomware.

And so, it's really important that health systems have a mature posture around their security and, how look at that. And there are many facets. to that as well. But again, I think foundationally, when we look at our products that thread goes through all of our design and innovation and, our product capabilities are all based on, doing providing a holistic approach to to end user computing, but doing so in a secure and compliant way.

think architecture is so important from a security standpoint. We don't talk about it a lot, but one of the things, and this goes way back in the day when I was CIO, we were moving towards an architecture where all of our workstations ran in our data center. And we felt like we could control that more.

If there was activity on one virtual desktop, we could shut that down and spin up a new one. And we just had more control. And we. had quite frankly, a lot more invested in those technologies so that we could, just the flexibility of it. And also if you had a major event, you could spin up 4, 000 workstations pretty quickly if you needed to.

And those devices at the end for us also, a couple of other things for those devices. We were living with five year life cycles, which is probably a little long for a PC. But going to think clients, we ended up pushing that up to seven years. Because really, firepower on that, on the applications is in the data center itself.

I just felt like it was a stronger architecture with which to defend against these kinds of attacks.

Yeah, and there are a lot of things that happened in, the last 5 to 10 years or so in terms of, adoption of the cloud as well. And, don't get me wrong, the hyperscalers are, as secure as any environment that you find They definitely have the capabilities of locking down systems much better than a, a 400 bed hospital system, right?

And then just the pure depth and breadth of their capabilities to be able to do that. However, we've also seen the proliferation of devices. as well through bring your own device strategies and others that, has just increased that threat vector for organizations.

And so that's where our energy and focus is on, how do you manage those entities in your organization. And again, the diversity in The proliferation of those devices just creates a lot of opportunity for the bad

actors. I use a couple of tools. I'm moving on another story here.

I'm using a couple of tools. There was a massive dump of user names and passwords out onto the dark web. And I was first notified through the identity protection, which I've gotten from about,

yeah,

like for, I've gotten from five health systems and all the people who've reached it.

Giving me a free year, which I appreciate. But that was the first I was notified. I didn't know how extensive it was, but my single password solution was the next thing to notify me. And then shortly after that, my iPhone notified me. So my iPhone's tracking all these passwords and all of a sudden it's popping up saying, Hey, these showed up on the dark web.

And I'm looking at it. don't know about you, but I have sites that I care about that have really strong passwords, but it's hard for me to really maintain those. And then there's those sites that I'm just logging in. I want to download something, whatever. And I use the same password, like for a hundred of those sites.

That's the password that went out there. So when I went out, exactly, I looked at my phone. That's where I'm like, it wants me to change a hundred passwords.

Exactly. But, the other thing is that, when you look at those bad actors and what they're trying to accomplish, once they get that.

it's fair game. It's open season and particularly in when you look at health systems and PHI. So it's really important that we look at that holistically. And I think, again, AI can be a positive. factor in both detection as well as recognizing when things are not in a normal state.

And so having that zero trust posturing and foundation I think is important as well.

Yeah, I'm glad you mentioned zero trust because there's as a CIO, I would see this breach and my first thought would be, we're in trouble. But we had architected our security around the concept of they're already on our network.

Exactly. And because we believe that they were already on our network, we designed things a little differently. And the reason I say that is, because it is human nature for people to reuse passwords. And so even though we tell them and we educate them and we do tests to make sure that they understand, there's some doctor who's using the same credentials.

for logging in to their health system that they're using on three or four other sites out there. And now all of a sudden it's on the dark web and they're going this guy works for this health system. He's a doctor and I have this password. Let's find their website.

Let's figure out, where to try to log this in. And because of COVID, we became a distributed environment. And so, we had to give people access remotely, and our workers are remote and whatnot. And so, there is somewhere where they can go and try those passwords and potentially get in.

And again, I think that makes the strong case for, identity access which again is one of our key product areas.

And then also, multi factor authentication as well, just to make sure that you're making it as difficult as possible. So that one password won't get you the keys to the kingdom, so to speak.

Hi everyone, I'm Sarah Richardson, president of the 229 Executive Development Community at This Week Health. I'm thrilled to share some exciting news with you. I'm launching a new show on our conference channel called Flourish. In Flourish, we dive into captivating career origin stories, offering insights and inspiration to help you thrive in your own career journey.

Whether you're a health system employee in IT or a partner looking to understand the healthcare landscape better, Flourish has something valuable for you. It's all about gaining perspectives and finding motivation to flourish in your career. .

You can tune in on ThisWeekHealth. com or wherever you listen to podcasts. Stay curious, stay inspired, and keep flourishing. I can't wait for you to join us on this journey.  

MFA was brought up during the change healthcare. breach because they had multi factor.

in a majority of the places, but then there was this one area over here that it wasn't turned on and that's where they got in. And

Optum and and UHG in general, they grow significantly through acquisition. And so the integration of that. Complexity and environment is very challenging for organizations of that size and have that kind of M& A posture as well.

And so again, I think if you look at it, obviously you want to lock down your applications. You want to look for east west traffic. You want to, do the things that you normally do, but, the device piece of that equation has to be I think very robust and also, intelligent in terms of.

both monitoring and taking remediation steps early

in

that process.

I'm gonna close with this story and this is more personal in that I assume you've played around with some Gen AI kind of stuff. And there's a couple of articles where they're talking about Gen AI.

So it used to be we'd go to Dr. Google and we'd ask a question or we'd go to WebMD and then we'd walk into our doctor and say, I have this and our doctor would just roll their eyes like, Oh my gosh, I can't believe you're doing your own research. That's now happening with Gen AI. People are essentially going, Hey, I have these symptoms.

It's responding and it's giving them sort of that first pass. And they go maybe I should go to an ER and that kind of, those kinds of things. How prevalent do you think that practice is going to be?

I think it's going to be prevalent, but I think again, when you look at Gen AI and its application in healthcare in general, it'll be more on the

administrative side and not the clinical side. I'm actually an investor as well, Bill, and I invest in a company that does summarizations for clinicians but it's also reviewed. So it's human in loop AI, because again, I think that you have to have that set of eyes that allows you to actually feed the LLMs that you're developing.

So over time it gets better and better, but I still believe that you have to have that level of verification with a human

in loop. That those summaries, when I talk to CIOs and CMIOs, the summaries is the area that they are really hopeful in. But they're a little hesitant to hand over the reins just yet because it's complex, right?

So if you have an ICU patient and you're pulling in all this information we know that GenAI is really good at summarizing, but in a clinical setting, it can't get anything wrong. Exactly right. And so that, that becomes the thing that holds them back a little bit in that space. But man, they're so excited for the day.

And they all believe that there will be a day.

And I think those models will get smarter and smarter where we'll have a higher level of a degree of trust in what they do. And the human interaction will, over time become less and less, but I don't think you ever take that out completely because of the clinical nature.

Human in

the loop, very important concept. Hey, Michael, congratulations on Omnissa and thanks for coming on the show and I really appreciate it. And looking forward to doing more of these with you.

No, absolutely. Thank you, Bill, and I appreciate the invite. And as we build and grow and innovate, we'd love to come back.

Fantastic. Take care.

 Thanks for listening to Newstay. There's a lot happening in our industry and while Newstay covers interesting stuff, another way to stay informed is by subscribing to our daily insights email, which delivers Expertly curated health IT news straight to your inbox. Sign up at thisweekealth. com slash news. Thanks for listening. That's all for now

Contributors

Thank You to Our Show Sponsors

Our Shows

Related Content

Healthcare Transformation Powered by Community

© Copyright 2024 Health Lyrics All rights reserved