Episode Transcript
[00:00:00] Hi, I'm Eric Weeden, a seasoned go-to-market software executive, team builder, and a catalyst for revenue growth. My journey is fueled by a profound passion for ushering in a new era of dental healthcare through cutting-edge AI technology.
[00:00:17] Hi, I'm Liz Strikwerda. Since 2008, I've been immersed in the world of dental marketing and business technology. At TrueLark, I focus on explaining how generative AI can help multi-practice dental organizations scale while redefining the patient experience. Together, we welcome you to navigating DSO innovation, where we have unfiltered conversations with dental leaders and discuss how they are using tech to win in this booming market.
[00:00:48] Liz: Hello, everyone, welcome to Navigating DSO Innovation. In this episode, we're delving into the latest in cybersecurity tailored specifically for the dental and healthcare industries. We're honored to host Gary Salman, CEO and co-founder of Black Talon Security. With decades of experience in software development and IT, Gary is a pioneer in cloud-based healthcare systems. He's not only a sought-after speaker and writer on cybersecurity threats but has also trained tens of thousands of practices across the US on maintaining best practices in cybersecurity. Black Talon Security, under Gary's leadership, has successfully assisted with some of the largest ransomware attacks in US history, recovering all data and preventing millions of dollars in damages. Thanks for being with us, Gary. That's an impressive bio.
[00:02:06] Great. So, to start off, how has the cyber threat landscape evolved over the past year? And specifically, how has the healthcare sector been affected?
[00:02:17] Gary: Yeah, so I think the data kind of points at one really specific thing. So if you look at the Internet Crime Report that the FBI just released related to cyber attacks against critical infrastructure in 2023, the number one attacked industry was healthcare. In 2023, we would expect that to be the government sector or financial institutions like banks, investment companies, etc. No, the number one on the list was actually healthcare.
And I believe what's happening in the cyber world specific to threat actors, which is kind of the fancy word for hackers, is that the threat actors now realize that the pot of gold is in the healthcare space because of the wealth of information that's stored on these networks. So think about what businesses or healthcare entities store on their servers related to patient data. They have the name, address, social, date of birth, patient data, insurance cards, driver's licenses. Just literally a treasure trove of information. And they also understand our laws related to privacy. So when a hacker gets into a healthcare system and they see the data that they have access to, they instantly realize, I got them, right. This group is going to have to pay the ransom because if they don't, what the hackers will do is they will not only steal the data but they will publish the data, and that will put the healthcare entity into an even worse situation from a legal and compliance perspective when this patient data is scattered all over the dark web for sale. So I think that's the biggest issue that we're seeing versus other types of businesses where they're like, well, if they want a list of our clients, who cares?
There's nothing I really have to worry about from a legal or compliance perspective. And the hacking community knows that almost every doctor, dental group, medical group, they pay the ransom, unfortunately, because they can't have the data published. So that's one of the big reasons why we're seeing such a tremendous uptick. And you know what the hackers communicate, they talk about, they're like, hey, stop wasting your time going after these types of businesses. Here's the pot of gold, dental practices, and medical groups, and we're actually seeing them targeted now. We're seeing executive teams at DSOs being targeted frequently.
So, yeah, it's no joke what's going on right now. And the hackers are leveraging artificial intelligence to generate phishing and spear-phishing emails. So they don't need to have a good working knowledge of our language. They can just go into a language model engine like ChatGPT and say, hey, write me a letter, and here are all the parameters for it. And guess what, it generates a better letter than most people can write themselves. You know, so the days of broken English and improper use of our language, that's all long gone. So, you know, as much as I love AI, and I'm a firm believer in it for many things, it can also be turned against us.
[00:05:27] Gary: So if you look at some of the articles that are out there right now, and a lot of what government agencies are saying, it's going to be, over the next couple of years, close to 100%. You know, that's the unfortunate reality of it. And that probably transcends almost all businesses. It's not just healthcare, but because of the points that I just brought up with healthcare being a huge target, my belief is at some point a majority of healthcare entities will be targeted and a subset of those will be successfully breached.
[00:05:58] That's really sobering, Gary. And you mentioned a term that I want to delve into a bit more for our audience who might not be as familiar with it, which is ransomware. Could you explain a bit about what ransomware is and how it works?
[00:06:11] Gary: So the term ransomware is a term that most people have become familiar with over the past few years. And what ransomware is, is a type of software that the hackers will install into your network. And once they get it installed, they encrypt all of your data. And then they typically will leave you a note saying, hey, if you want access to your data, you need to pay us this ransom. And the ransom could be anything from, you know, a thousand dollars to tens of millions of dollars. You know, it really just depends on the size of the entity and the perceived ability for them to pay. And that's the other little-known fact about ransomware: they do research. The hacking community knows that if they ask for a ransom that's too high, the entity is not going to pay because they won't have the resources to do so.
And likewise, if it's too low, it's like, well, I'll just take my chances and rebuild. So they're looking for that perfect number, right. That sweet spot of, this is enough for them to pay, but it's not too much where they're going to call the FBI or they're going to call Black Talon or whoever and say, hey, I need your help. You know, so it's a very well thought out process. And once they encrypt your data, there's really no way of getting it back. I mean, I shouldn't say no way. There are some instances where people have been able to recover data without paying the ransom, but it's like 0.001 percent, it's not very high at all. So most entities, when they get hit, they end up paying the ransom.
[00:07:37] Fascinating and terrifying stuff. So, given the sophistication of these attacks, what measures can dental practices and DSOs implement to better protect themselves from these threats?
[00:07:48] Gary: Yeah. So, I mean, first and foremost, there are some really basic things that entities should be doing. And the problem is a lot of entities aren't even doing those basics, right. And those basics are things like having a good firewall, having good endpoint protection, making sure that your servers are patched and up to date. And, you know, you'd be surprised how many entities out there are still running Windows XP or Windows 7, you know, operating systems that are no longer supported by Microsoft.
So, you know, once they're in, it's just kind of game over because they can exploit the vulnerabilities. So making sure that you're running up-to-date software, that's really important. Also training your staff. You know, most ransomware attacks come in through an email, a phishing or a spear-phishing email, which is specifically targeted at an individual in the organization. So training your staff to recognize these types of attacks is really important.
And then beyond that, I mean, you know, there's some really cool technology out there. I mean, we are a cybersecurity company, so obviously, you know, I'm going to talk about some of our products, but there are some really cool technology products out there that can help in this space. And you know, we developed a product called RansomCare, which is essentially software that you install onto your network. And it acts as a honeypot. So it tricks the hacker into thinking that they've successfully encrypted your data, when in reality, they've just encrypted a decoy data set.
And then we alert you and say, hey, you know, you've been hacked. You need to do something about it. And it's a much easier process to recover from that because now you have a clean backup. You know, if you don't have a good backup and you get hit with ransomware, you're pretty much, you know, screwed because you have to pay the ransom to get your data back. So, yeah, there are some really basic things that can be done, but there's also some really advanced things that can be done as well.
[00:09:40] Thank you for sharing that, Gary. And what about the role of cloud technology in mitigating cybersecurity risks?
[00:09:47] Gary: Yeah. So cloud technology is kind of a double-edged sword, right. So on one hand, cloud technology can help to mitigate the risk because you're offloading a lot of the responsibility onto a third-party provider. So if you're using Microsoft Azure or AWS, they're responsible for the physical security of the data center, right. They're responsible for the virtualization layer. They're responsible for a lot of the security controls that traditionally a practice would be responsible for if they were running it on-premises. So in that regard, it can help to mitigate the risk.
But on the flip side of it, cloud technology can also increase the risk because now you're opening up your network to the internet. And as we know, the internet is a very scary place. So if you don't have the proper security controls in place to protect your cloud infrastructure, then it can be very risky. You know, we're seeing a lot of attacks now against cloud infrastructure, you know, AWS, Azure, Google, you know, where the hackers are specifically going after that because they know that, hey, this is where all the data is stored now. So if we can get into this, we're going to get a lot more data than if we were to target a single practice. So yeah, it's kind of a double-edged sword, but I think overall, if you're working with a good cloud provider and you have good security controls in place, it can help to mitigate the risk.
[00:11:10] Absolutely. And given the importance of protecting patient data and maintaining trust, how can dental practices and DSOs effectively communicate their cybersecurity measures to their patients?
[00:11:23] Gary: Yeah. So I think that's a really important point because trust is such a huge factor in healthcare. I mean, patients are literally putting their lives in the hands of these entities. And if they can't trust them to protect their data, then it's going to be very hard to retain patients. And we're seeing that. You know, we're seeing patients leave practices because they've been hit with ransomware and their data has been exposed, you know, and they don't trust that practice anymore. So I think communicating to the patients that, hey, we take your security seriously. Here are the steps that we're taking to protect your data. You know, that could be as simple as putting up a sign in the waiting room that says, hey, we use encryption to protect your data or we do regular security audits to make sure that your data is safe.
You know, just simple things like that to let the patients know that, hey, this is something that we take seriously. And if you have any questions about it, feel free to ask. You know, I think that goes a long way in building trust with the patients.
[00:12:22] That makes a lot of sense, Gary. And as we near the end of our time together today, are there any final thoughts or pieces of advice you'd like to leave our audience with?
[00:12:32] Gary: Yeah. I mean, I think the biggest thing is just don't assume that it won't happen to you. You know, I think a lot of practices and a lot of entities in general, they kind of have this mindset of, oh, well, you know, we're too small or we're not a target or, you know, we're not doing anything that's, you know, that would attract a hacker. And the reality is that hackers don't discriminate. You know, they're looking for low-hanging fruit. They're looking for entities that have vulnerabilities that they can exploit. And so just because you're a small practice or you're a small DSO or whatever, that doesn't mean that you're immune to this stuff.
So I think, you know, just taking it seriously and doing the basics, you know, having a good firewall, having good endpoint protection, you know, doing regular security audits, training your staff, just the basics can go a long way in protecting you from these types of attacks. And then, you know, beyond that, there are some really cool technologies out there that can help to mitigate the risk even further. But I think, you know, just don't assume that it won't happen to you, because it very well could.
[00:13:35] Eric: Absolutely. Thank you so much, Gary, for your insights today. It's been incredibly valuable having you on the show.
[00:13:41] Gary: Yeah. Thanks for having me. I appreciate it.
[00:13:45] Eric: And thank you to our listeners for tuning in. Be sure to subscribe to our channel for more insights and discussions on dental industry trends and challenges. Until next time, take care.