This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.

Welcome to This Week Health. Today we're continuing, our six part series on the Zero Trust Hospital, the CXO Vision.

It's a new book by Zscaler. I have one of the authors, Tamer Baker, the healthcare CTO for Zscaler here with me. I'm Drex DeFord, President of Cyber and Risk at This Week Health and the 229 Project. Tamer, thanks dropping in on the show today.

Thank you for having me, Drex. Always a pleasure working with you.

We've done several of these episodes now I've had a ton of fun. I've learned a lot too. We have some other folks who are lurking in the wings who have been watching us pull these things together that are telling me that they're learning stuff too. So that's great.

Yeah, there are actually a couple of sections within the book that we talk about all the business values that come along with zero trust, financial being one of them, of course, operational efficiencies, another one, etc.

When you're thinking about a conversation with the board there's a number of things that we've talked about in the book and get more specific details on, but it's really a. Some very high level things that you can address with the board member because a board member is not technical, right?

For the most part, we all know every once in a while, you run into somebody that can be a little dangerous with their questions. But for the most part, we have to put this in terms that are not technical. And by the way, Okay. For those of you that haven't seen our book, we do have a reference for how you talk to board members with Zero Trust.

So when we think, how do I communicate this to them? It is going to be the business value assessment side of the house. Where can we say financially, both operationally, so both CapEx and OpEx as well as brand reputation is important, right? A board does care about that where we show them and talk to them about how this actually reduces risk to make sure we're not on the news page, to make sure you're not dealing with legal and everything else for the next breach.

those are really important topics. And then they do care about, Okay. Patient care as well and patient health. So we talk about if we're helping the clinicians be more efficient with using this architecture, this helps generate more income. There's a couple ways we talked about it, but also gives a better patient experience.

You do have these other books, the book for the board, really great material because you've presented to boards.

I presented to boards. You never know if you're going to have somebody from a technology company, who's really smart and going to ask a lot of hard questions, or if you have a professional golfer on the board who doesn't have any technology experience, but they're curious and they're interested and they want to learn.

So yeah, figuring out how to engage the board critically important. Other key stakeholders, as you get into this, there will be internal stakeholders. Across the board talked about how to talk to the board. How do you talk to the internal stakeholders? How do you communicate the value to them?

Yeah, this is a very critical step in any kind of digital monetization project.

And here's how you communicate with them. Here's all the things that a chief nursing officer cares about or chief medical officer cares about. How do you communicate these values and benefits to them? They're not going to care about reducing risk and infrastructure savings that, all that stuff that goes out the window.

It's a better clinician experience for your people, right? They're gonna have better access, easier access. It's all seamless. It's all in the background. They're not gonna know the difference. Even if they have mediocre health because maybe they shouldn't have access to something.

So we talk about the different Leaders within an organization that all kind of fall in line and get on board with this transformation effort because it benefits you and it benefits you and it benefits you and it benefits you and we've actually outlined how it benefits different folks.

So that make your job easier to for this communication.

Yeah, important for the board, important for the internal stakeholders. I love the idea of the book, helping folks understand how to craft the message for a particular audience and how important that is when you're trying to tell a story.

And then there's like this whole idea of zero trust and how zero trust can make it easier to do things, big projects. Mergers and acquisitions. We can just start there. We touch on that in an earlier episode, but let's just talk about mergers and acquisitions for a minute. It's going on.

It's a great time to bring M& A into this conversation because there isn't a single board that I've talked to that hasn't told me We were breached from an M& A.

The acquiring entity brought something into us. Literally every board I've ever talked to has made that same comment. So M& A is a big factor in this, whether you're talking to a board and you want to talk about risk, like that is another piece of conversation if you're an acquiring type of an entity. As well as when you think about an M& A transaction.

One, it drastically reduces the time to value. Once you've gotten this in place, and we talked in earlier episodes about once this is there, you can innovate faster, you can bring new ideas in, you can bring new applications, new things into your environment a lot faster, because these things can, get connected much quicker and easier.

M& A is the same. don't have to de conflict networks because the network is abstracted from Zero Trust, right? I don't have to do all this de duplication. I can actually connect users to applications on both sides of the house on day one. We've helped probably 350 or so organizations through M& A, many of them in, the healthcare space as well.

By day one, you've already connect interconnected users and applications and users to the different data sources that they need to talk to. Versus waiting 3, 6, 9 months to make that interesting.

And I don't have time. I'm in a big hurry. And the result sometimes is, again, back to this I try to figure out how to do it with the stuff that I have, which leaves a lot of broken glass that I have to go clean up. And that broken glass is going to cut me when it comes to cyber security. You have the TSA requirement.

You

have deadlines.

Zero trust helps get around that.

Yeah, and so not only are we getting the faster ROI, the second point to it is you're getting everybody connected securely. So now you're making sure ransomware isn't coming in with them.

When you're thinking about how to promote this Zero Trust culture, guess what? It's going to help us do this too. So your CFO's happy, chief medical officer's happy, HR and legal are happy because even Pre day zero, when we're doing due diligence, I connect and legal to be able to information share as needed, right?

So there's a lot of happy people when it comes to an M& A story and messaging is in this book too on how you promote that culture within the different parts of your organization, incorporating M& A into that messaging.

Yeah I love that story. I'm gonna ask you to tell me a little bit more about it.

That internal advocacy, once you get started it usually starts small, but as more and more people realize what's happening and they are happy with it and they tell others, you create this avalanche effect with zero trust to you have other examples of that kind of avalanche that happened.

So before I moved into security and CTO space, et cetera, I was a network guy and everybody always blames the network

for anything that's

going wrong. It's mean time to innocence. So when we're having these conversations at this level or this part of the organization, all of a sudden it snowballs into another one because we're showing you, you know what?

Here's the exact point of where you're having a problem. Your user is connected to the neighbor's Wi Fi. Or, it could be your ISP, or it could be that user's browser is running at 100 percent of your resources because there's 180 Chrome tabs open. Whatever it may be, or sometimes it does end up being on the application side, where you now have a meantime to innocence, where you're resolving this.

many times have we seen these things like drag out and drag out to with the blame game?

Yeah, so that is a snowball effect where it affected other parts of the organization without realizing that this. Transformation really helps all these other people too because now we have that unprecedented visibility to be able to show you and we even give them the ability to turn something on and tell the user, hey, before you open a ticket, you might want to check your Wi Fi signal, right?

Something along those lines, right? You tell the user something's wrong before they even know something's wrong, right?

man, it's amazing. We could go on forever. And we are going to go on a little bit longer, actually while this wraps up our zero trust series if you've missed any of the previous episodes, you can go back and catch up.

You can sign up at thisweekhealth. com slash zerotrust. And Man, I think that's going to be a really good one. Don't forget to download the book. That's the other thing. Don't forget to download the book. The link will be in the show comments. So you can go out there and pull down the book to Tamer.

Thanks for being on with me today. And thanks to the listeners for being part of this journey. It's been quite a trip talking about zero trust.

No, thank you. We take What's historically a very difficult topic to digest. And I think we did a great job breaking this down.

So I appreciate you appreciate everything that this week health has done and, all your listeners, thanks for listening. And hope you enjoyed it. It was a fun, time.