Speaker 1: What's happening with your information? What are they going to do with it? Where is it being stored? Welcome to Medical Channel Asia. My name is Chris Thomas, the ExtraHop, and today I'm going to tell you why cybersecurity is important in the health care industry. ExtraHop's mission is to detect attacks and prevent breaches, and that's what we aim to do. So we enable organizations to monitor their network traffic, understand what normal traffic looks like, so monitoring normal client-to-server communications, such as in health care, the devices that are plugged into their network, what they're doing, what they're communicating to, and who they're communicating with, so that if there's any changes or any anomalies that can be detected, we can raise that so the people that are monitoring, the analysts, can respond and take the appropriate action once they determine what the cause of that activity is. Data in health care is more critical than other industries due to its nature. It's very personal. It's all about me, and it's something that can't be changed if it leaks. If my credit card gets compromised, I can get a new credit card, and people are probably quite used to doing that after a number of breaches that have taken place. But it's information about me. I can't change it. I can't take it back. And it's very personal as well. There's probably medical information that you don't want your closest friends to know about, let alone having it published on the internet for everyone to see, whether that's my partners, spouses, friends, even employers. So just by its nature being so personal, and information that you can't take back and can't change makes it really, really valuable. So as far as what IT departments and hospitals are doing wrong as far as cybersecurity and keeping data protected, there's probably not one thing they're doing wrong. But it's more a case of not being up to date with latest practices, making sure that they've got the right protections in place to protect the data, but also trying to make sure that when they're adding new innovations into the system, like I remember it was only a few years ago where you would go and get an X-ray, and you'd have to go somewhere, get an X-ray, then wait for it to get developed. Then you have to pick up the X-ray, and then take that to the doctor. Then the doctor loads it up on the light machine and looks at the X-ray. We don't do that anymore. It's all sent automatically via email and via electronic communications. So it's with these innovations, it's making sure that any risks associated with them are taken into account to make sure the data is being protected. In a lot of cases with hospital systems and IoT devices, there's not a lot of scope for administrators to make secure settings or change the settings on these devices. They're kind of left to have to trust what the vendor's telling them, how it's protected and what patches are installed. So really having to make sure they've got a way of being able to see what these devices are doing on the network and being aware of what communication paths they have. The dangers of storing data on an in-house system are probably to do with maintenance of that in-house system. The maintenance of that system pulls onto the administrators, whether they're enough resources to be able to have dedicated people to monitor that system, that database or the repository where the information is being stored, to make sure they stay up to date with any security patches and advisories to make sure that the data stored inside the repository is being secured. Using other systems such as cloud-based systems, a lot of that responsibility transfers across to the manager of the system and less for the actual administrators to worry about. So it may be, from a security perspective, there may be benefits of using cloud-based systems rather than on in-house systems for that type of information. We had an organization recently in Asia that we helped work with where they were using their network to transfer medical images. So HL7 is the protocol that's used to do that. And what we were able to see with ExtraHop is we were able to show them that there were some unauthorized, unexpected connections from their devices to external parties, actually overseas, internationally, that they didn't think these systems should be connecting to in the first place. But they were actually transferring some of that medical imaging information, so the actual x-rays and the pictures themselves with a very sensitive customer-based information. So they were able to take appropriate action, go to the vendor and say, hey, this shouldn't be happening. We need to close this up and reduce the risk associated with that particular connection. As a patient, data security means to me making sure that, I guess, you question what's happening with your information. So don't be afraid to ask your health care provider when they're asking you for sensitive information, what are they going to do with it? Where is it being stored? And just asking them that question to get them to tell you, how do you get access to it? How can you check whether it's being, unless you're a cybersecurity expert, you probably can't check and see whether it is being secured. But you can at least ask them for information about how that information is being handled, because that'll tell you a lot about their practices and whether they actually have good data handling processes in place where they can tell you that straight away, or if it's something that they need to go and research and find out. So don't be scared to ask questions about how your data is being handled. And that can help to give you a peace of mind as to the level of security of which the organisation is actually treating your information. As a patient to protect my own safety, or protect your own safety, the types of things you can do are really, just be aware of what information, if people are asking for too much information, ask them why they need that. So hold our information, it's our information, you can choose how you share it and what you do with it, and also understand how the organisation is going to use that information, maybe ask them what their data retention policies are, how long will that information be stored, who's going to have access to it, and just find out what that information is going to be used for. So in order for organisations like hospitals to manage the security of their patients' data, they really need to know where it is, who's got access to it, and what it's being used for. And that's really challenging a lot of hospital environments with the rise of electronic healthcare records, electronic systems being used, like we said before, the medical imaging. These devices get plugged into the network, a lot of times the hospital or the organisation can't change the security settings, they can't patch the system. A lot of times they're using older versions of operating systems, like embedded Windows or Windows XP, things like that, which don't have the latest security updates and have vulnerabilities in them, so can be the victims of malware or worms that run in the network, such as I saw recently, not with an organisation in Asia, but elsewhere in the world, where they actually had some malware that was running inside and infecting lots of systems inside the hospital network that was introduced into the environment from an ultrasound machine that had been infected when it was actually plugged into a different facility. So keeping an eye on these things, having network visibility, as we provide with ExtraHop, helps to give those organisations that visibility where you can't install an agent and you can't see the actual settings inside the device itself, but you can monitor what it's connecting to and get an idea from the network whether it's behaving as it should and communicating to the systems that it needs to, to complete its purpose, or whether there's anomalous traffic, like we saw with the HL7 imaging system, sending images outside the organisation. ExtraHop helps you as a patient in tangible ways by giving organisations the ability to say that they're confident with the security monitoring they have in place. One of our first customers was the Seattle Children's Hospital, and their security people say that ExtraHop is the tip of the spear for them that helps drive innovation. They know that from a security perspective, these networks are being monitored, they're being monitored, they're being monitored, and they're being monitored. These networks are being monitored and they can spot advanced threats if they appear on the network, and it gives them the confidence and the ability to focus more time on doing advanced research projects, using cloud workloads and opening the system up for better research, which down the line, once the research is complete, ends up with better healthcare for all of us and better technologies being used and better systems in place with new innovations. So by helping to secure the network environments, ExtraHop's able to help advance research and development and investments that hospitals are making into new techniques and new technologies they may use for patient care.