WEBVTT 1 00:00:07.470 --> 00:00:09.990 Anna Delaney: Hello, and welcome to the ISMG Editors' Panel. I'm 2 00:00:09.990 --> 00:00:13.260 Anna Delaney, and here we share the top cybersecurity news 3 00:00:13.290 --> 00:00:17.070 cybercrime trends and tech innovations on a weekly basis. 4 00:00:17.340 --> 00:00:20.580 I'm very pleased to be doing so with Tom Dield, senior vice 5 00:00:20.580 --> 00:00:24.390 president of editorial, Marianne Kolbasuk McGee, executive editor 6 00:00:24.390 --> 00:00:27.330 of HealthcareInfoSecurity, and Michael Novinson, managing 7 00:00:27.330 --> 00:00:30.270 editor of ISMG business. Great to see you all. 8 00:00:31.050 --> 00:00:31.980 Tom Field: Thanks for having us back. 9 00:00:32.640 --> 00:00:33.090 Marianne McGee: Thank you. 10 00:00:34.380 --> 00:00:37.020 Anna Delaney: Always a pleasure. So Michael, why don't you start 11 00:00:37.020 --> 00:00:40.800 us off? Because you're in the sea, maybe? 12 00:00:40.840 --> 00:00:43.210 Michael Novinson: Yes, this is a bit of a throwback here; the 13 00:00:43.210 --> 00:00:47.350 Labor Day weekend, with dragon boat races, in Rhode Island 14 00:00:47.350 --> 00:00:51.250 there is a large Taiwanese expatriate community. Like, 15 00:00:51.580 --> 00:00:56.170 Taiwanese art festival weekend, and as part of that to do dragon 16 00:00:56.170 --> 00:01:00.370 boat races in the river. So it's a lot of fun to watch, a lot of 17 00:01:00.370 --> 00:01:05.200 spectators out there. So it's really a unique local event. 18 00:01:05.470 --> 00:01:05.950 Anna Delaney: Very good. 19 00:01:05.950 --> 00:01:07.180 Tom Field: You didn't participate, Michael? 20 00:01:08.290 --> 00:01:10.120 Michael Novinson: No, for some reason they did not draft me 21 00:01:10.120 --> 00:01:10.960 into service. 22 00:01:12.550 --> 00:01:14.890 Anna Delaney: What a shame! But what a great, great event. Love 23 00:01:14.890 --> 00:01:15.970 it, Tom? 24 00:01:17.700 --> 00:01:21.270 Tom Field: Well, I'm in Dallas for a roundtable discussion this 25 00:01:21.270 --> 00:01:25.260 week. And this being just honestly days away. From the 26 00:01:25.260 --> 00:01:28.080 60th anniversary of the assassination of John F. 27 00:01:28.080 --> 00:01:31.710 Kennedy. I took a walk down the road last night to Dealey Plaza 28 00:01:31.740 --> 00:01:35.580 where Kennedy was assassinated. And the view you have right here 29 00:01:35.580 --> 00:01:40.350 is indeed, the grassy knoll restored to look, as it did in 30 00:01:40.350 --> 00:01:42.630 November of 19 63. 31 00:01:42.630 --> 00:01:47.880 Anna Delaney: 60 years already. Wow. Incredible. And Marianne, 32 00:01:48.150 --> 00:01:48.960 lift us up. 33 00:01:50.040 --> 00:01:54.870 Marianne McGee: I am at a farm in Western Mass and Amherst, 34 00:01:54.870 --> 00:01:57.570 Massachusetts. It was a few weeks ago; I just took tons of 35 00:01:57.570 --> 00:02:00.000 pictures knowing that I need them. 36 00:02:01.050 --> 00:02:03.240 Anna Delaney: Yes, I'm glad you were thinking about the Editors' 37 00:02:03.240 --> 00:02:11.010 Panel. I know, Tom does that, every time he's in the sky. 38 00:02:11.130 --> 00:02:14.580 Well, I'm sharing the last signs of autumn, I think, autumn 39 00:02:14.580 --> 00:02:17.730 leaves in the U.K. This was taken recently on a country walk 40 00:02:17.730 --> 00:02:21.840 and I'm just loving all the rich colors there. Maybe next week, 41 00:02:21.840 --> 00:02:26.580 they won't be there. So good to take those shots. Tom, start us 42 00:02:26.580 --> 00:02:30.090 off this week. So you've been interviewing more Israeli tech 43 00:02:30.090 --> 00:02:33.930 founders and CEOs as part of the series that you're conducting - 44 00:02:33.930 --> 00:02:37.650 "Insights from Israel." Each interview, I must say, is as 45 00:02:37.650 --> 00:02:41.820 inspiring as the other and also really jaw dropping in terms of 46 00:02:41.850 --> 00:02:44.910 what they and their teams and their families are going through 47 00:02:44.910 --> 00:02:47.670 right now. So why don't you share insights from your latest 48 00:02:47.670 --> 00:02:48.270 conversation? 49 00:02:48.240 --> 00:02:51.610 Tom Field: I will and honestly I didn't intend to do that for 50 00:02:51.678 --> 00:02:55.655 three meetings in a row here. But the interview I conducted 51 00:02:55.723 --> 00:03:00.105 last week with the gentleman I'm going to share was so compelling 52 00:03:00.172 --> 00:03:04.150 when I asked him about how things had changed since October 53 00:03:04.217 --> 00:03:08.195 8, that I really wanted to share this with you and with the 54 00:03:08.262 --> 00:03:12.307 broader audience here as well. And what I learned from every 55 00:03:12.375 --> 00:03:16.622 one of these discussions, and I can ask the same questions, but 56 00:03:16.690 --> 00:03:20.802 the answers are so unique. And the message is that, you know, 57 00:03:20.869 --> 00:03:24.510 war disrupts lives. From disruption, comes resiliency, 58 00:03:24.577 --> 00:03:28.690 but also can come innovation. And innovation is what sustains 59 00:03:28.757 --> 00:03:32.735 us going forward. And so what I want to share today, it's a 60 00:03:32.802 --> 00:03:37.117 longer clip, but I think it's a worthwhile one, because it shows 61 00:03:37.184 --> 00:03:40.960 how in the shadow of these terrorist attacks, our source 62 00:03:41.027 --> 00:03:45.274 here, in his company, were able to innovate in a way that saved 63 00:03:45.342 --> 00:03:49.522 lives, changed business, and let me underscore saved lives. So 64 00:03:49.589 --> 00:03:53.701 mind if I share a clip from my discussion with Ami Daniel, he 65 00:03:53.769 --> 00:03:55.320 is the CEO of Windward. 66 00:03:55.810 --> 00:03:59.380 Ami Daniel: I woke up with my wife, my kids from a siren 6:32 67 00:03:59.410 --> 00:04:04.630 a.m., Saturday, a month ago. And my wife told me instantaneously, 68 00:04:04.630 --> 00:04:08.860 Ami, it's like the Yom Kippur War, which was 50 years to the 69 00:04:08.860 --> 00:04:13.180 Yom Kippur War. I don't know how she knew it. But she knew. It 70 00:04:13.780 --> 00:04:15.970 took me about 25 minutes to wrap my head around what she's 71 00:04:15.970 --> 00:04:17.860 saying. And I said, okay, listen, let's think about what 72 00:04:17.860 --> 00:04:22.600 we could do. So we ended up writing a lot of WhatsApp 73 00:04:22.600 --> 00:04:25.630 messages to friends and like to group saying, how can we help? 74 00:04:26.710 --> 00:04:30.340 And this guy came back to me and said, talk to my lawyer. I was 75 00:04:30.550 --> 00:04:33.070 like okay, that ain't a bad thing, but maybe we can help 76 00:04:33.070 --> 00:04:38.170 him. And for the first time, I think in my life, out of my own 77 00:04:38.170 --> 00:04:42.700 will, I call a lawyer and say, hey, what's up? How can I help? 78 00:04:42.700 --> 00:04:48.430 And he said, listen, my daughter right now is locked in and she 79 00:04:48.430 --> 00:04:52.120 ran from this party and there are terrorists around her, can 80 00:04:52.120 --> 00:04:54.820 you help her? I was like, excuse me? Can you say that again? He 81 00:04:54.820 --> 00:04:59.500 says, yes, my daughter ran from a party. Her boyfriend got shot. 82 00:04:59.530 --> 00:05:02.440 She's like locked out somewhere, can you help her? I said, 83 00:05:02.440 --> 00:05:05.890 listen, let me try. And I WhatsApp his daughter - listen, 84 00:05:05.890 --> 00:05:09.940 your dad said this. She says, Ami, help me. There are 85 00:05:09.940 --> 00:05:12.940 terrorists here, my boyfriend got shot, his friend got shot, 86 00:05:12.940 --> 00:05:15.610 we're surrounded by bodies and there are terrorists out here. 87 00:05:15.970 --> 00:05:19.630 Just help me get out of here. And normal people would have 88 00:05:19.630 --> 00:05:25.210 said, maybe sorry, can't do it. I said, on it. I just said on 89 00:05:25.210 --> 00:05:30.220 it. So I turn to my wife. She said, why don't you call this 90 00:05:30.220 --> 00:05:32.740 friend of ours, which is general and I call him and he says, 91 00:05:33.280 --> 00:05:35.530 listen, I have this lady locked in. Can you help and he says 92 00:05:35.830 --> 00:05:41.050 here's a guy, call him. So I ended up working with the army 93 00:05:41.350 --> 00:05:48.310 and finding hostages in the field, in different kibbutz or 94 00:05:48.310 --> 00:05:53.230 cities. And at the same time finding the army people and the 95 00:05:53.230 --> 00:05:56.710 forces on the ground and connecting between them one by 96 00:05:56.710 --> 00:06:00.430 one, and directing the army forces to where there are 97 00:06:00.430 --> 00:06:04.060 hostages. And the same time supporting mentally to hostages 98 00:06:04.060 --> 00:06:06.400 and saying listen, the Army is coming and, you know, you're 99 00:06:06.400 --> 00:06:09.970 five minutes away, where are you and so forth. So doing that 100 00:06:09.970 --> 00:06:14.740 Saturday, we ended up saving dozens of families this way, 101 00:06:14.770 --> 00:06:21.160 including that lady by the way. Sunday morning, I woke up, you 102 00:06:21.160 --> 00:06:24.040 know, and I said we're all done and you know, went to sleep like 103 00:06:24.040 --> 00:06:29.110 3 a.m., when I finished like multiple of these cases. And my 104 00:06:29.110 --> 00:06:31.330 wife turned to me and says, what do we do now? I said, you know 105 00:06:31.330 --> 00:06:35.770 back to normal, and we get a flood of like hundreds of people 106 00:06:36.070 --> 00:06:39.280 writing me WhatsApp messages and to my friends - get us out, get 107 00:06:39.280 --> 00:06:43.000 us out, get us out, the terrorists are here. So we ended 108 00:06:43.000 --> 00:06:46.030 up calling a few of our friends. And suddenly like by 10 a.m., on 109 00:06:46.030 --> 00:06:50.260 Sunday, we had about 20 people in our house. My kids were 110 00:06:50.260 --> 00:06:53.890 printing maps, connecting screens, people were coming in, 111 00:06:54.610 --> 00:06:58.330 you know, getting assignments from us and getting people out. 112 00:06:58.420 --> 00:07:01.060 And by Monday, we understood it's national need. So we ended 113 00:07:01.060 --> 00:07:04.870 up building a national product - tech product - for saving people 114 00:07:04.870 --> 00:07:08.140 under the fire called Kvar Baim, which means we'll be right 115 00:07:08.140 --> 00:07:10.900 there. So we scaled that product together, with all the 116 00:07:10.900 --> 00:07:15.520 authorities, and it's right now national, fully operational care 117 00:07:15.520 --> 00:07:18.100 product that already saved hundreds of people. 118 00:07:18.870 --> 00:07:21.240 Tom Field: To say, this is why I do this work, this is why I 119 00:07:21.240 --> 00:07:24.000 conduct these interviews, to be able to share stories like that. 120 00:07:24.000 --> 00:07:25.470 I just find that incredibly inspiring. 121 00:07:26.340 --> 00:07:33.330 Anna Delaney: Incredible innovation. Really stressful, 122 00:07:33.660 --> 00:07:37.860 heartbreaking time. And what I found quite moving is this drive 123 00:07:37.860 --> 00:07:40.890 - this community drive - the determination to help each other 124 00:07:40.890 --> 00:07:43.890 and even his own children volunteering in the rescue 125 00:07:43.890 --> 00:07:46.410 effort. So as you say, it's really very inspiring. 126 00:07:46.950 --> 00:07:49.290 Tom Field: I come out of with the drive that next time I'm in 127 00:07:49.290 --> 00:07:52.650 any kind of a crisis or someone that I know is, I hope I had the 128 00:07:52.650 --> 00:07:54.990 presence to respond to it with "on it." 129 00:07:57.390 --> 00:07:59.310 Anna Delaney: Well, very compelling interview. Thank you, 130 00:07:59.340 --> 00:08:02.370 Tom, for sharing. Marianne, moving on to your story. So a 131 00:08:02.370 --> 00:08:05.400 growing number of regional healthcare providers in the U.S. 132 00:08:05.430 --> 00:08:08.220 and Canada have recently been forced to move patients to 133 00:08:08.220 --> 00:08:12.090 neighboring entities due to cybersecurity incidents. So talk 134 00:08:12.090 --> 00:08:13.500 to us about this troubling trend. 135 00:08:14.620 --> 00:08:18.130 Marianne McGee: Sure, well, the trend isn't new, but because 136 00:08:18.130 --> 00:08:21.820 there has been a flurry of these sort of regional attacks in 137 00:08:21.820 --> 00:08:25.810 recent weeks, it's just drawing more attention to this problem 138 00:08:25.810 --> 00:08:29.320 again. And basically, there's been a number of cyberattacks 139 00:08:29.320 --> 00:08:34.840 recently on regional hospitals that have forced these hospitals 140 00:08:34.870 --> 00:08:39.610 to basically move patients or divert patients to other 141 00:08:39.610 --> 00:08:45.100 neighboring facilities. And one of the latest entities that 142 00:08:45.130 --> 00:08:49.330 recently suffered a ransomware attack where it's caused them to 143 00:08:49.330 --> 00:08:53.650 divert ambulances and patients is Tri-City Medical Center, 144 00:08:53.650 --> 00:08:59.260 which is an acute care public health hospital with 144 beds 145 00:08:59.260 --> 00:09:04.570 that serves four communities in San Diego, California. That 146 00:09:04.600 --> 00:09:08.890 hospital is dealing with the situation right now. But it's 147 00:09:08.890 --> 00:09:12.250 not just a U.S. problem, as you mentioned. In Canada, there's 148 00:09:12.250 --> 00:09:16.930 been five regional hospitals in recent weeks that were affected 149 00:09:16.930 --> 00:09:21.970 by a ransomware attack on their shared IT services provider. And 150 00:09:21.970 --> 00:09:25.120 those hospitals said that, you know, despite this attack 151 00:09:25.120 --> 00:09:29.560 happening in October, they don't expect to have a full recovery 152 00:09:29.560 --> 00:09:35.080 until at least mid December, during which time they are still 153 00:09:35.110 --> 00:09:38.980 being forced to either postpone or cancel various patient 154 00:09:39.220 --> 00:09:42.880 procedures, and in many cases, diverting those patients to 155 00:09:42.880 --> 00:09:46.270 other area facilities because doctors just can't access the 156 00:09:46.270 --> 00:09:49.510 records that they need to provide safe care to those 157 00:09:49.510 --> 00:09:54.910 patients. So when a regional hospital suffers a disruptive 158 00:09:54.910 --> 00:09:59.020 attack like these, the incidents have a widespread negative 159 00:09:59.020 --> 00:10:01.660 impact on the new neighboring hospitals that are all of a 160 00:10:01.660 --> 00:10:05.890 sudden picking up the slack. For instance, the added hospital 161 00:10:05.920 --> 00:10:09.730 patient loads for these nearby facilities puts a lot of extra 162 00:10:09.730 --> 00:10:13.180 stress on the entities, their staff and ultimately affects 163 00:10:13.180 --> 00:10:17.980 patients. Now, in May, The Journal of American Medical 164 00:10:17.980 --> 00:10:22.570 Association or JAMA, published a report finding that hospitals 165 00:10:22.600 --> 00:10:27.010 adjacent to healthcare delivery organizations that are affected 166 00:10:27.010 --> 00:10:31.180 by ransomware attacks often see increases in the volume of 167 00:10:31.180 --> 00:10:37.720 patients that they serve and may as a result experience resource 168 00:10:37.750 --> 00:10:41.830 constraints that affect time sensitive care for conditions 169 00:10:41.830 --> 00:10:46.960 such as strokes. The author has said that the study finds that 170 00:10:47.350 --> 00:10:53.020 the targeted hospitals, which then send their patients off to 171 00:10:53.020 --> 00:10:56.560 the other hospitals, should really be looking at this as a 172 00:10:56.560 --> 00:11:01.690 community as a regional sort of disaster and to plan for such. 173 00:11:02.080 --> 00:11:05.920 The authors said that the report's findings support the 174 00:11:05.920 --> 00:11:10.180 need for coordinated regional cyber disaster planning. And the 175 00:11:10.180 --> 00:11:16.450 study also says that the potential care of patients from 176 00:11:16.450 --> 00:11:20.890 these cyberattacks also just emphasizes that need for 177 00:11:20.890 --> 00:11:25.360 hospitals to build resiliency for not only cyberattacks, such 178 00:11:25.360 --> 00:11:29.200 as ransomware, at their own organizations, but their plans 179 00:11:29.200 --> 00:11:34.210 for dealing with such incidents at neighboring facilities. A 180 00:11:34.330 --> 00:11:37.750 separate study also earlier this year by the Parliament Institute 181 00:11:37.750 --> 00:11:40.900 found that patient care diversions due to ransomware 182 00:11:40.900 --> 00:11:45.790 attacks are on the rise. That survey of nearly 600 healthcare 183 00:11:45.790 --> 00:11:49.720 technology and security leaders found that respondents who 184 00:11:49.720 --> 00:11:53.500 reported that their entities did experience a ransomware attack 185 00:11:53.500 --> 00:11:59.020 in the last year. Of those 70% said their organizations had to 186 00:11:59.050 --> 00:12:02.530 either divert or transfer patients to other facilities, 187 00:12:02.830 --> 00:12:08.110 which was up from 65% the year before. Now I spoke with Josh 188 00:12:08.110 --> 00:12:12.670 Corman who served as chief strategist at CISA, on the 189 00:12:12.670 --> 00:12:17.110 agency's COVID Task Force during the height of the pandemic. And 190 00:12:17.110 --> 00:12:19.900 he tells me that these studies are just more proof that 191 00:12:19.900 --> 00:12:23.740 hospitals need to carefully hone not only their own incident 192 00:12:23.770 --> 00:12:28.090 response plans, but that for the community. Corman said that 193 00:12:28.090 --> 00:12:31.720 hospitals' Cyber Incident Response Plans overrule or often 194 00:12:31.720 --> 00:12:36.580 poorly rehearsed, and especially not at all well rehearsed for 195 00:12:36.580 --> 00:12:40.870 regional outages. And Corman says that there really needs to 196 00:12:40.870 --> 00:12:44.530 be a change in this sort of mindset, not only for the sake 197 00:12:44.530 --> 00:12:47.950 of patients, but also for the sake of the medical institutions 198 00:12:47.950 --> 00:12:51.700 themselves. And they're overworked clinicians who face 199 00:12:51.700 --> 00:12:55.570 added stress and burnout in these incidents. And that's when 200 00:12:55.570 --> 00:12:58.960 mistakes happen. So it's very important that these hospitals 201 00:12:58.960 --> 00:13:02.860 not only look at their own response plans, but what happens 202 00:13:02.860 --> 00:13:06.430 if one of their neighboring hospitals also suffers an 203 00:13:06.430 --> 00:13:09.100 attack, which is happening more and more often, it seems. 204 00:13:09.910 --> 00:13:12.460 Anna Delaney: And from your perspective, Marianne, is this a 205 00:13:12.460 --> 00:13:16.540 resource issue or just management/governance issue? 206 00:13:16.540 --> 00:13:18.100 Where does the heart of this problem lie? 207 00:13:18.870 --> 00:13:22.230 Marianne McGee: Well, yeah, I think a lot of it sort of was, 208 00:13:22.740 --> 00:13:25.080 you know, during the pandemic, for instance, you know, that was 209 00:13:25.080 --> 00:13:28.470 like, the worst possible time to have a ransomware attack or 210 00:13:28.620 --> 00:13:32.580 something like this, but you know, even post that time where 211 00:13:32.580 --> 00:13:35.670 you have, you know, an overstressed healthcare system, 212 00:13:36.570 --> 00:13:39.780 you know, often, also when it comes to the regional hospitals, 213 00:13:39.810 --> 00:13:42.420 you know, you may be in a region, like San Diego, that's, 214 00:13:42.420 --> 00:13:45.540 you know, highly populated area, and, you know, okay, for 215 00:13:45.930 --> 00:13:49.110 communities, their one main hospital is not operating, but 216 00:13:49.110 --> 00:13:51.330 there's other hospitals to go to, but in some communities, the 217 00:13:51.330 --> 00:13:54.840 next hospital might be, you know, maybe a few hours away, if 218 00:13:54.840 --> 00:13:58.380 it's a trauma hospital or something like that. And, you 219 00:13:58.380 --> 00:14:01.890 know, those hospitals are at distance, but they also need to 220 00:14:01.890 --> 00:14:05.310 be ready to take in, you know, patients as if it was some sort 221 00:14:05.310 --> 00:14:08.640 of other kind of crisis. But when it comes to, you know, the 222 00:14:08.670 --> 00:14:11.940 more compact cities that have, you know, hospitals that 223 00:14:11.940 --> 00:14:15.960 suffered these attacks on, you know, again, there's all sorts 224 00:14:15.960 --> 00:14:19.680 of clinical shortages, in terms of, you know, specialty 225 00:14:19.710 --> 00:14:24.630 providers, and, you know, your workers and, you know, other 226 00:14:24.750 --> 00:14:28.290 physicians that treat patients for, you know, special ailments 227 00:14:28.290 --> 00:14:33.390 or cancer, and when you're the those patients that are used to 228 00:14:33.390 --> 00:14:36.120 getting their care there or suddenly forced to go elsewhere, 229 00:14:36.450 --> 00:14:42.600 not only is it an overburdening of that other crew, they also 230 00:14:42.630 --> 00:14:45.390 then need to be able to try to access the records of these 231 00:14:45.390 --> 00:14:48.360 patients, which are often inaccessible to them too if 232 00:14:48.360 --> 00:14:52.290 they're on, you know, a network where, you know, these records 233 00:14:52.290 --> 00:14:57.240 are stored and that entity is now offline. So, you know, it's 234 00:14:57.240 --> 00:14:59.670 not just you know, something in your own backyard. It's you 235 00:14:59.670 --> 00:15:02.670 know, wider spread when a hospital has an incident like 236 00:15:02.670 --> 00:15:05.250 this where you're forcing patients to go elsewhere. 237 00:15:06.000 --> 00:15:08.430 Anna Delaney: Really massive challenge. Thank you, Marianne. 238 00:15:08.580 --> 00:15:12.330 Okay, Michael, you attended the Rockwell Automation Fair last 239 00:15:12.330 --> 00:15:15.480 week. What are your overall impressions of the event? Any 240 00:15:15.480 --> 00:15:16.890 trends/takeaways you can share? 241 00:15:17.950 --> 00:15:19.450 Michael Novinson: Absolutely. Anna, thank you for the 242 00:15:19.450 --> 00:15:24.100 opportunity. Rockwall has such a broad scope of areas where they 243 00:15:24.100 --> 00:15:28.360 focus in terms of manufacturing chemicals, oil and gas, and food 244 00:15:28.360 --> 00:15:30.940 and beverage. But I'm really going to double click on two 245 00:15:30.940 --> 00:15:33.430 areas that I think would be most relevant to our readership. 246 00:15:33.430 --> 00:15:36.580 First is the investments they've made in cybersecurity. And then 247 00:15:36.580 --> 00:15:38.950 second is the investments they've made around artificial 248 00:15:38.950 --> 00:15:41.800 intelligence. I'll start with the cybersecurity piece first 249 00:15:41.800 --> 00:15:45.580 here, and there is a talk during their keynote addresses about 250 00:15:45.670 --> 00:15:49.180 specifically around cyber risk as it relates to external hard 251 00:15:49.180 --> 00:15:52.540 drive, as well as the targeting of programmable logic 252 00:15:52.540 --> 00:15:56.500 controllers, or PLCs. So starting first with the external 253 00:15:56.500 --> 00:15:59.890 hard drives, this really is a big challenge when it comes to 254 00:15:59.890 --> 00:16:03.490 industrial facilities, such as wastewater treatment plants, 255 00:16:03.610 --> 00:16:06.340 because they're small, they're easy to conceal, and they look 256 00:16:06.700 --> 00:16:10.570 like a normal device. So you're really seeing a combination here 257 00:16:10.570 --> 00:16:13.600 of the physical and the cyber. So you could have a phony 258 00:16:13.600 --> 00:16:16.510 inspector or somebody who pretends to be on the grounds of 259 00:16:16.510 --> 00:16:20.380 a wastewater treatment facility for legitimate reasons, enter in 260 00:16:20.440 --> 00:16:25.150 and then use a Raspberry Pi computer, in fact, infested with 261 00:16:25.150 --> 00:16:28.450 malware, put it on an external hard drive and then get into the 262 00:16:28.450 --> 00:16:32.230 organization systems in that manner. And if there wasn't 263 00:16:32.350 --> 00:16:35.290 adequate controls in place, this would allow the phony inspector 264 00:16:35.290 --> 00:16:39.490 to walk out of the facility with valuable internal proprietary 265 00:16:39.490 --> 00:16:42.850 information in terms of what they're doing. In a similar 266 00:16:42.850 --> 00:16:46.270 vein, insider attacks also can be a challenge when it comes to 267 00:16:46.570 --> 00:16:50.530 external hard drives or other attack vectors, given that they 268 00:16:50.530 --> 00:16:54.190 do have the right credentials. And are the folks that Rockwell 269 00:16:54.190 --> 00:16:57.610 really emphasizing the need for multiple layers of protection, 270 00:16:58.150 --> 00:17:01.480 regardless of credentials to make sure that there are checks 271 00:17:01.480 --> 00:17:04.630 and invalidation required, regardless of who somebody is 272 00:17:04.840 --> 00:17:09.580 purporting to be. In a similar vein in terms of programmable 273 00:17:09.580 --> 00:17:14.470 logic controllers. And this would really be an escalation if 274 00:17:15.700 --> 00:17:18.580 that wastewater treatment plant was able to prevent the spread 275 00:17:18.580 --> 00:17:22.630 of malware through an external hard drive, what they can do is 276 00:17:22.630 --> 00:17:26.560 go after that PLC, which is an industrial computer that is used 277 00:17:26.560 --> 00:17:29.290 at wastewater treatment facilities to automate 278 00:17:29.290 --> 00:17:36.580 processes. And a successful attack against the PLC could, 279 00:17:36.700 --> 00:17:39.370 for instance, allow a threat actor to change the chemicals 280 00:17:39.370 --> 00:17:43.690 that are flowing through a water treatment facility. The folks at 281 00:17:43.690 --> 00:17:47.290 Rockwell were talking about the need for advanced planning here, 282 00:17:47.320 --> 00:17:50.620 the need for protections like vulnerability management, as 283 00:17:50.620 --> 00:17:54.070 well as greater management and monitoring around the PLC 284 00:17:54.070 --> 00:17:57.820 itself. So that's where they're doing a lot of investments, they 285 00:17:57.820 --> 00:18:02.080 are focused on that whole cybersecurity lifecycle all the 286 00:18:02.080 --> 00:18:05.980 way, from upfront consulting to IR and remediation services. 287 00:18:06.250 --> 00:18:09.250 These are some of the emerging cyberthreats they see for 288 00:18:09.250 --> 00:18:14.710 industrial facilities. At the generative AI front, there's a 289 00:18:14.710 --> 00:18:17.650 couple areas where they're using generative AI internally, 290 00:18:18.010 --> 00:18:20.920 specifically, they're doing a lot around code samples, they're 291 00:18:20.920 --> 00:18:24.460 doing a lot around Q&As. And then they're focusing on 292 00:18:24.670 --> 00:18:28.180 personalization and customization. And the reason 293 00:18:28.210 --> 00:18:30.940 that Rockwell has been able to do so much in the generative AI 294 00:18:30.940 --> 00:18:39.760 front is that the tax bases in modern software development can 295 00:18:39.760 --> 00:18:42.790 be either a generative AI tool is able to read produce and 296 00:18:42.790 --> 00:18:47.710 generate text. So terms of from a code snippet standpoint that 297 00:18:47.710 --> 00:18:51.490 they built into their design studio product, which is really 298 00:18:51.490 --> 00:18:55.180 focused on industrial design, this idea of smart creation are 299 00:18:55.180 --> 00:18:59.110 using generative AI to create snippets of code within the 300 00:18:59.110 --> 00:19:03.430 software. And this really allows for some upskilling, allows less 301 00:19:03.430 --> 00:19:06.700 experienced designers and programmers to gain the 302 00:19:06.700 --> 00:19:10.660 knowledge and the best practices of their most skilled people. It 303 00:19:10.660 --> 00:19:13.690 also can help folks get started. They are talking some about this 304 00:19:13.690 --> 00:19:19.030 idea of coder's block that these programmers have a problem to 305 00:19:19.030 --> 00:19:21.970 solve, but they don't know where to get started. So their feeling 306 00:19:21.970 --> 00:19:25.720 was these code snippets can help there. Secondary is really 307 00:19:25.720 --> 00:19:31.480 around this generative, or general Q&A tool that can help 308 00:19:31.480 --> 00:19:36.610 answer common questions from users of their design studio 309 00:19:36.610 --> 00:19:38.830 product ... questions like what is this Smart Object? Or how do 310 00:19:38.830 --> 00:19:45.610 you create a new Smart Object? And, again, benefits here really 311 00:19:45.610 --> 00:19:48.550 around that natural language processing that you don't need 312 00:19:48.550 --> 00:19:51.100 to know exact search terms. You don't need to be a sophisticated 313 00:19:51.100 --> 00:19:54.310 coder to get this information. The queries come back in human 314 00:19:54.310 --> 00:19:59.260 readable text. And so that's something that they feel can be 315 00:19:59.260 --> 00:20:03.370 broadly applied across their customer base. Finally here, 316 00:20:03.370 --> 00:20:08.800 what they're really focused on in the go-forward is moving from 317 00:20:08.800 --> 00:20:13.030 kind of generating these snippets of sample code to being 318 00:20:13.030 --> 00:20:17.590 able to produce code based on the project content or the 319 00:20:17.590 --> 00:20:22.300 libraries of a particular customer. And what the folks at 320 00:20:22.300 --> 00:20:25.450 Rockwell were saying is once they've trained their products 321 00:20:25.450 --> 00:20:28.780 on how to work more effectively with the LLM that they've 322 00:20:28.780 --> 00:20:32.020 generated, that customers will be able to use their own 323 00:20:32.020 --> 00:20:36.520 libraries and generate code from there. So those are some of that 324 00:20:36.520 --> 00:20:39.460 highlights on from both cyber side and the AI side and they're 325 00:20:39.460 --> 00:20:43.270 also doing a lot of work with Microsoft. On that AI-side, 326 00:20:43.300 --> 00:20:47.050 they're working with Azure's OpenAI to do that. So it's going 327 00:20:47.050 --> 00:20:48.940 to be a really fascinating space to watch. 328 00:20:50.050 --> 00:20:52.240 Anna Delaney: Brilliant, and were there any startup speakers 329 00:20:52.270 --> 00:20:55.660 or particular presentations that you watched? 330 00:20:56.470 --> 00:20:59.620 Michael Novinson: Yeah. So I did particularly enjoy the Judson 331 00:20:59.620 --> 00:21:03.070 Althoff who was the chief commercial officer at Microsoft 332 00:21:03.070 --> 00:21:06.490 there; he was talking about some of the ways that they've applied 333 00:21:07.480 --> 00:21:11.050 generative AI internally within Microsoft and any talk through 334 00:21:11.050 --> 00:21:14.350 their staged approach in terms of internal use for employees, 335 00:21:14.350 --> 00:21:16.570 how they've extended it to partners like Rockwell, and then 336 00:21:16.690 --> 00:21:19.630 what's on the road map in terms of what they're planning to do 337 00:21:19.630 --> 00:21:25.240 for customers. So it was really interesting to see just how much 338 00:21:25.240 --> 00:21:29.230 has changed at Microsoft over the past year. One example I'll 339 00:21:29.230 --> 00:21:32.590 give you in terms of the customer support organization 340 00:21:33.160 --> 00:21:34.840 that likes a lot of organizations, they've been 341 00:21:34.840 --> 00:21:37.060 trying to do some belt tightening, though the economy 342 00:21:37.120 --> 00:21:40.210 is in great high interest rates, that they've actually been able 343 00:21:40.210 --> 00:21:42.670 to reduce the amount of personnel and their customer 344 00:21:42.670 --> 00:21:46.960 support organization by close to 80% by answering those basic 345 00:21:46.960 --> 00:21:50.350 level queries with it application of generative AI, 346 00:21:50.620 --> 00:21:52.870 and at the same time, they're receiving higher customer 347 00:21:52.870 --> 00:21:56.470 satisfaction and feedback responses than when it was done 348 00:21:56.500 --> 00:22:00.820 more manually. So just being 40,000 person organization 349 00:22:00.820 --> 00:22:04.390 within Microsoft, not small, but just one example of the 350 00:22:04.390 --> 00:22:06.520 potential that generative AI has to offer. 351 00:22:07.270 --> 00:22:09.550 Anna Delaney: It's incredible. Well, thank you very much, 352 00:22:09.550 --> 00:22:13.060 Michael. And finally, and just for fun, what's the most 353 00:22:13.090 --> 00:22:18.670 groan-worthy cybersecurity AI pun or maybe cliche that you've 354 00:22:18.670 --> 00:22:19.480 recently heard? 355 00:22:20.230 --> 00:22:22.660 Tom Field: Okay, before we get there, I want to take the 356 00:22:22.660 --> 00:22:25.600 opportunity to announce to our audience that we have just 357 00:22:25.600 --> 00:22:32.680 debuted our own AI site under the ISMG umbrella. AIToday.io. I 358 00:22:32.950 --> 00:22:35.200 say that I think it's Old MacDonald had a farm. 359 00:22:36.250 --> 00:22:41.020 AIToday.io. Please go there. If you're looking for technology, 360 00:22:41.110 --> 00:22:44.860 if you're looking for use cases, if you're looking for insights 361 00:22:45.010 --> 00:22:47.650 on what organizations are doing to embrace the types of 362 00:22:47.650 --> 00:22:50.140 technologies that Michael is talking about, if you're looking 363 00:22:50.140 --> 00:22:55.720 to learn more about the business of AI, AIToday.io is the place 364 00:22:55.720 --> 00:22:58.810 to go. So that's the plug I want to put out there first, Anna. 365 00:22:59.890 --> 00:23:04.840 Then I want to get to the groan, and to me, the groan-worthy term 366 00:23:06.130 --> 00:23:14.080 is this - guardrails. I am sick of hearing everyone say we've 367 00:23:14.080 --> 00:23:19.420 got to have guardrails around our usage of AI. I've driven for 368 00:23:19.420 --> 00:23:23.470 much of my life. And I have seen guardrails in many places, and I 369 00:23:23.470 --> 00:23:28.060 always see them dented. I always see them wrecked, I see where 370 00:23:28.060 --> 00:23:30.880 vehicles have gone through them. The guardrails aren't 371 00:23:30.910 --> 00:23:33.970 necessarily preventing accidents. They're just showing 372 00:23:33.970 --> 00:23:38.560 you the trajectory of the accident. So I like to hear us 373 00:23:38.560 --> 00:23:40.510 not talk about guardrails anymore. 374 00:23:40.720 --> 00:23:42.910 Anna Delaney: Very good! Okay to talk about regulation? 375 00:23:46.060 --> 00:23:49.060 Tom Field: If you have the visual image, then Marianne may. 376 00:23:50.560 --> 00:23:53.680 Marianne McGee: On my mind is more along the lines of 377 00:23:53.680 --> 00:23:59.140 breaches, it's not a matter of if, it's when. And you hear this 378 00:23:59.140 --> 00:24:02.590 all the time, but it's true. As cliche as it is, it's pretty 379 00:24:02.590 --> 00:24:03.310 much true. 380 00:24:04.630 --> 00:24:07.660 Anna Delaney: Yeah, that's a cliche I hear quite often, but 381 00:24:07.660 --> 00:24:10.720 as you say, there's a reason for it. Michael? 382 00:24:11.680 --> 00:24:13.390 Michael Novinson: I'm not necessarily going give you a 383 00:24:13.390 --> 00:24:17.860 slogan but I think a lot of the examples I've seen are really 384 00:24:17.860 --> 00:24:20.380 focused on the novelty and it's silly like I've just been to a 385 00:24:20.380 --> 00:24:22.390 lot of trade shows and stuff where they have it write a poem 386 00:24:22.390 --> 00:24:27.640 about the company or sing a song or just do kind of novel fun 387 00:24:27.640 --> 00:24:30.580 stuff that people are doing with relaxes a couple years ago and I 388 00:24:30.580 --> 00:24:33.340 think it gets people in the wrong frame of mind that this is 389 00:24:34.630 --> 00:24:38.890 essentially not a joke, but just something that's meant to 390 00:24:38.890 --> 00:24:42.040 generate laughs But really, this is a incredible business 391 00:24:42.040 --> 00:24:44.350 opportunity tool, without nowadays like demonstrate the 392 00:24:44.350 --> 00:24:47.410 internet by like having it show us gifts. So I think really 393 00:24:47.410 --> 00:24:51.580 trying to move away from having to like, produce songs and poems 394 00:24:51.580 --> 00:24:54.820 for us and really, it's actually a business trade shows focusing 395 00:24:54.820 --> 00:24:58.240 on business use cases will help us up level the conversation a 396 00:24:58.240 --> 00:24:58.750 little bit. 397 00:24:59.050 --> 00:25:00.400 Tom Field: Yeah. AI-AI-O! 398 00:25:01.810 --> 00:25:05.080 Anna Delaney: The gimmicks, yeah, for sure. Trusted partner 399 00:25:05.110 --> 00:25:07.960 always makes me laugh. And also humans are the weakest link. 400 00:25:07.960 --> 00:25:12.010 I've got to say that, it often comes up as part of this lazy 401 00:25:12.010 --> 00:25:17.470 blame game, I think. But three years this month, November 2020, 402 00:25:17.530 --> 00:25:22.390 your former president before the presidential election, he stated 403 00:25:22.390 --> 00:25:26.020 nobody gets hacked, which I thought was quite fun one. 404 00:25:26.590 --> 00:25:31.510 Remember that? To get hacked you need somebody with 197 IQ, and 405 00:25:31.510 --> 00:25:35.950 he needs about 15% of your password. Just thought I'll 406 00:25:35.980 --> 00:25:36.910 throw that gem in. 407 00:25:39.180 --> 00:25:39.690 Michael Novinson: Thank you. 408 00:25:41.790 --> 00:25:43.710 Anna Delaney: Well, thank you very much, all of you. This has 409 00:25:43.710 --> 00:25:45.690 been great fun and very informative. 410 00:25:46.440 --> 00:25:47.370 Tom Field: Thanks for having us over. 411 00:25:49.080 --> 00:25:49.680 Marianne McGee: Thanks, Anna. 412 00:25:50.010 --> 00:25:52.320 Anna Delaney: Thanks so much for watching. Until next time!