Cybersecurity and AI are two of the most spoken topics right now, and they are essential to the success of the future’s healthcare ecosystem. In this episode, we chat with Pascal Podvin and Jeremy Haltom while we were together at the ViVE conference this year. Pascal is the Chief Revenue Officer, while Jeremy is the director of Sales Engineering, at Ordr, a company that is leading the IoT security field.
Pascal and Jeremy explain how Ordr works, how they are securely connecting devices, and what things are important to take into account to make the business scalable. They also share their part of the work in ransomware and the log4j vulnerability problem.
About Pascal & Jeremy
Pascal Potvin, Chief Revenue Officer of OrderWit Me. Pascal’s been making his mark in Silicon Valley startups since 1991 and as a cybersecurity expert since 2014, with deep knowledge of the US, European and Asian markets, he’s driven hypergrowth businesses to $100 million dollars consistently leading the way to optimal exits. Prior to joining Order, he held CRO and CEO positions with SAS enterprise software companies. Based in New York City, Potvin has a passion for sales, strategic alliances, and customer engagement, as well as for driving VC funding.
Jeremy Haltom is the VP of Sales Engineering at Ordr and has over 20 years in the wireless networking and technology industries working for both early-stage startup companies and fortune 500 companies. At Ordr, Jeremy specializes in helping companies deal with the problem of discovering, profiling, and securing IoT and IoMT devices. Outside of securing customer networks, you can find Jeremy competing in Ironman events or tinkering in the garage building cars and even the occasional hovercraft.
Outcomes Rocket Podcast_ViVe_Saul with Pascal Podvin & Jeremy Haltom – Part 1: this mp3 audio file was automatically transcribed by Sonix with the best speech-to-text algorithms. This transcript may contain errors.
Saul Marquez:
Hey everybody, welcome back to the Outcomes Rocket! My name is Saul Marquez and I’m so excited to be here at ViVE with two amazing health tech leaders. I’ve got Pascal Potvin, Chief Revenue Officer of Order With Me. Pascal’s been making his mark in Silicon Valley startups since 1991 and as a cybersecurity expert since 2014, with deep knowledge of the US, European and Asian markets, he’s driven hypergrowth businesses to $100 million dollars consistently leading the way to optimal exits. Prior to joining Order, he held CRO and CEO positions with SAS enterprise software companies. Based in New York City, Potvin has a passion for sales, strategic alliances, and customer engagement, as well as for driving VC funding. I also have the pleasure of Jeremy Haltom joining us, he’s the director of Sales Engineering at Order, responsible for the Global Sales Engineers Efforts and initiatives. His background is in networking, computer engineering, electrical engineering, networking, and a specialty in cybersecurity. It is such a pleasure to have both of you here with us today!
Jeremy Haltom:
Thank you very much.
Pascal Podvin:
Thank you. It’s great to be here as well.
Saul Marquez:
So let’s, let’s get started, fellas. What’s the one thing that you’ve loved about the ViVE event thus far?
Pascal Podvin:
I think it’s, it’s a small-scale event, and I think it’s an event that has a soul, right, we could feel that, that vibe, that ViVE I should say, and we don’t find that in larger conferences. So I think that’s what’s great about ViVE and we just hope that it’s going to keep that that touch.
Saul Marquez:
I love that. That’s a, that’s a great one, and I feel it, too, I feel the soul, I feel the soul. How about you, Jeremy?
Jeremy Haltom:
Yeah, it’s great looking around and seeing all the different vendors. So great kind of swath across the entire industry, seeing everybody from cybersecurity to HR and everything else, it’s good to be at all in one place.
Saul Marquez:
Good mix, it’s a good mix for sure. Yeah, and so one of the things that keeps coming up is, is cybersecurity, AI, there’s so many hot topics, access, what’s the number one theme health systems need to be mindful of in 2022?
Pascal Podvin:
Well, look, I mean, there is a lot of talking about the, the hospital of the future, right? Everybody is talking about digital patient communication, telehealth, teleservices, robotics, remote monitoring, and so on. I think the key point is that all of those themes are converging towards the proliferation of connected devices. And it’s all great, except that those connected devices potentially have vulnerabilities, potentially create threats into the organization, and so cybersecurity is paramount to the success of, of the hospital of the future.
Saul Marquez:
Yeah, I couldn’t agree with you more, Pascal. And as we seek to understand this, this hyper-connected world, the digitization is sort of, help, I mean, we’re kind of losing track of where those vulnerabilities are. So having, having visibility to where those are is critical. Jeremy, what are your thoughts around how do you find those, those vectors of entry?
Jeremy Haltom:
Sure! It is very important to look at the hospital as a complete organization, right? It’s not just the medical devices, it’s the elevators, it’s everything, is interconnected, especially when you’re talking about patient care, which is really what we’re here about, right? It’s all about the patient care at the end of the day, but being able to go in through multiple different methods because there’s no one right way. So having multiple methods of getting the data that you need to see what those vulnerabilities are, identify them, and most importantly, actually do the security for those.
Saul Marquez:
Love it, yeah, some great insights there. What do you guys think is the top one tool or technology that’s going to transform healthcare as we know it?
Pascal Podvin:
That’s a tough one. I think definitely AI is, is a topic that everybody is talking about. I believe that AI is going to play a key role in cybersecurity as well. And we are actually using AI quite extensively in our ability to determine what is normal behavior for any type of device. Manual labor in that field would, would be defeated, right? There are so many different types of devices and you need to go so granular in the number of attributes that you need to collect about the devices to really understand what they are. So I believe that AI would be number one on my list.
Saul Marquez:
I love it.
Jeremy Haltom:
Especially when you’re talking about the fact that we’re having a personnel shortage, it’s very difficult to hire right now. So anything you can do to make everyone more efficient, whether it’s people, machines, the care of a patient, that’s really what we want to focus in on.
Saul Marquez:
Yeah, yeah, that’s fantastic. And so with AI helping us do some of these things, there’s also the importance of, of people. And right now, we’re, we’re having to take care of a lot of these shortages, to your point, Jeremy, to help our clinicians and with that shifting care to the home, so as you guys think about care in the home, what would be some of the watch-outs that you, that you would recommend providers, payers, companies pay attention to?
Pascal Podvin:
Well, I think, again, you know, cybersecurity is going to be the number one theme here. You know, we used to, to live in a world where the network was the perimeter. Now everything is in the cloud, you’re taking clinical services to, to the home. What is the concept of network anymore? So all the security that’s been built around this, this network perimeter, like firewalls and so on, are becoming obsolete in that new context. And that’s where Order comes into the game, you know, providing security beyond that concept of, of network.
Saul Marquez:
I appreciate that. And I think it’s worth sort of pausing for a second and diving into Order. Can you give us the elevator pitch on it? What exactly do you guys do? What do you provide? How do you do it?
Pascal Podvin:
Yeah, absolutely. So we are the leader in IOT security. What we do is we secure connected devices. And when you think about it, there are three logical steps and it really makes sense. You cannot secure anything that you don’t know about that you don’t understand. So the first step is to see what do you have connected on the network? And we’re talking of high level of granularity. You know, it’s not just on the understanding that you have an endpoint somewhere, but it’s understanding what is the brand, what’s the color, you know, what’s the operating system, pretty much everything. So we collect thousands of attributes on those devices, not only that, but we try to understand what is the communication that those devices have among one another. The goal being to understand what is the normal behavior for any type of device and to have an accurate and complete view of all devices connected to the network. And you wouldn’t believe the discrepancy that we find between what hospitals believe they have and the reality of what we see. So Jeremy can talk about this in a second. So that’s the first logical step. The second step is, is to know what vulnerabilities or what threats are inherent to those devices. You could have a large number of devices that are equipped with a completely obsolete operating system, therefore creating massive vulnerabilities for the, for the hospital, so what do you do with those devices, right? Are you going to replace them? Are you going to do something to isolate them and give them just the degree of behavior that they can without creating a threat for the organization? And that leads to the third step, which is to secure, see-know secure, secure means in real-time and proactively creating measures about those devices to make sure that they are 100% safe for the organization. That’s in a nutshell what we do. So we’re the leader in the, in the healthcare industry. We probably have thousands of hospital clinics and healthcare organizations of various types using our system. And what’s important is that the largest healthcare organizations use our solution. Companies like Mayo Clinic, Cleveland Clinic, and others use our solution, and sometimes even fund Order, that’s the case of Mayo Clinic, that’s the case of Kaiser Permanente, for instance, their venture arms or funding our business.
Saul Marquez:
Some great partnerships they have.
Pascal Podvin:
So that’s Order, yes.
Saul Marquez:
Thank you for that, thank you for that. Jeremy, do you want to add anything to that?
Jeremy Haltom:
Yeah, absolutely. When you talk about the see-now secure, you know that seeing portion is really important because when you’re talking about cybersecurity frameworks, things like Nest and other kinds of frameworks, always the first step is to know what you have, right? That’s always key. So being able to go out there and figure out what you actually have is super important. Then the knowing portion, whether it’s what are they doing, what vulnerabilities or where are they? You know, as an example, just last week I was at a prospect, we did a test and two of their heart monitor controllers for open-heart surgery, both of them were on the wireless guest access network.
Saul Marquez:
Oh, shoot!
Jeremy Haltom:
Right? So these are the sorts of things that if you don’t have that see and that, know, you can never even get to the stage of what we want to get to, which is the secure, right? Securing those devices so that we’re both proactive and reactive in a security mindset.
Saul Marquez:
Yeah, that’s great. And so how do you guys do it? Like, what’s the, what’s the secret sauce? Why are you guys having success here?
Jeremy Haltom:
Sure. So, I mean, there’s several different ways that we go about it, you know, from a technical perspective as we’re watching all of the networking traffic. But that’s not the only way, right? There’s tons of different integrations that we have, so I can look at traffic, I can talk to PMS, I can talk to healthcare systems, you know, I like to go and get a lot of data from a lot of sources because the more data I get, the smarter I become and the smarter I can, I become, the more valuable I am for all the different personas or the different organizations inside of the clinical setting.
Saul Marquez:
That’s great.
Pascal Podvin:
And you want to do this in a completely automated fashion in order to be able to scale, but many organizations have a manual process when it comes to classifying and profiling devices. That’s all great, but it’s not scalable. And so we do our work in a completely automated fashion, now this way, AI I was talking about a minute before is, is ,is playing a key role.
Saul Marquez:
Very good, very good. Thank you for that, really appreciate it. So burnout is very real. Everybody’s suffering, post-COVID everybody’s quitting people. I mean, retention is a challenge. So how is your solution potentially aiding in reducing the burden on clinicians?
Pascal Podvin:
Well, not everybody is quitting, thank God. But no, but it’s true, there is a there is a real shortage of resources. And all the organizations that we’re talking with are, are pointing to this, this massive problem. So obviously, automation is playing a key role in helping mitigate the risk of not having the enough people or not having the appropriate skill set. And when it comes to cybersecurity, the skill set can be extremely sharp. And so it’s not easy to find the right people, that’s one way. We also provide a large set of services around our solution to help our customers deploy our solution without drawing too much on their own resources. But we provide those resources all the way to manage services where we are, we actually work with MSSP partners to provide that solution to them, and therefore it is for them a solution that is not requiring too many of those difficult to find skills, internally.
Saul Marquez:
Yeah, that makes a lot of sense.
Jeremy Haltom:
And we just released last week our Order Eights, which has clinical defender. And clinical defender is a way of using our product in such a way that the things that a clinician or an STENT team needs to deal with are populated instantly upon logging in. So a lot of the pointing and clicking and trying to find things right which will burn you out because it’s not very exciting, right? We bring the things that matter, the actionable things that you need to do and work on today right to the forefront so that you can go and perform those actions and move on and perform other tasks.
Saul Marquez:
I love it. This is great. And this is for for physicians, nurses, anybody using the system?
Jeremy Haltom:
It’s primarily geared for the more of the technology teams.
Saul Marquez:
Oh, okay, IT and biomed.
Jeremy Haltom:
Biomed, ITs, security, all those kinds of folks have to deal with the cybersecurity side of things.
Saul Marquez:
I appreciate that. Thanks for for clarifying that. Well, you guys are no doubt doing some some fantastic work, you’ve got some great partnerships, what takeaway point would you leave our listeners with and what’s the best place that they could learn more about you and reach out to engage with you?
Pascal Podvin:
Okay. So, I mean, there are a few things that are real that are happening real time right now. Everybody is talking about ransomware, the role that we play in helping mitigating ransomware is, is fabulous in terms of not only the ability to detect a threat, a ransomware threat that is developing, but also the time to react if one of those threats is is becoming real, and Jeremy can talk about our ability to, to do that and why we’re saving so much time to organizations. The fact is, the multiplicity of tools and people involved in a ransomware attack is so great that it leads to paralysis very often. And that’s how an organization gets to the point where it’s being ransomed, right? And so we, Jeremy will talk about how our technology can help there, or technology is helping very much in the log4j problem that that had recently and that everybody is talking about as well.
Saul Marquez:
What problem is this, Pascal?
Pascal Podvin:
Well, let’s have Jeremy talk a little bit about the technical aspects of it. And then obviously you may know that there are a few events happening in the, on the Russian border. And so everybody’s anticipating tremendous growth in the risk coming from, from cyber attacks driven by Russia, and we’re seeing a lot of that happening real time as well. So those are some of the key points that I think hospitals may want to take away from, from that podcast. And then when it comes to get in touch with us, probably the best place to start is our website order.net. There is there is a wealth of information.
Saul Marquez:
It’s ORDR.
Pascal Podvin:
That’s correct. ORDR.net, ORDR.net.
Saul Marquez:
And we’ll put the the link to the website in the show notes, folks, so just go on and click on that so you can check out some more information on them. I think, Jeremy, you were going to touch a little bit on the tech, tech stuff and then we’re going to wrap up.
Jeremy Haltom:
Yeah, absolutely. So we’re talking about ransomware or the log4j. So log4j is a vulnerability that applies in the logging mechanism of Apache Web servers, which, a lot of people use Apache, right? There’s a lot of those sorts of systems out there. But at the end of the day, because the order system is watching all of the traffic and we’re learning using our AI and everything else, we can identify not only malware but log4j or any of the other vulnerabilities that have happened or honestly will probably continue to happen, right? I mean, we’re finding new things every day, but having that ability to detect that by watching the traffic, create the alarms, integrate with all the other different kinds of systems, whether it’s Sims or Alerts or SOC type stuff, being able to automate that entire process to go back to what Pascal was talking about, is that analysis paralysis, right? How do we eliminate that and go from detecting to an action as fast as possible, because the faster we can solve that problem, the lower our risk score is, so time to resolution is really important in risk.
Saul Marquez:
That’s fantastic. Well, guys, this was a great session. Folks, we’re going to do a part two to this where we actually dive into some use scenarios with a couple customers, and so make sure you check that out. Excited to, to share that with you all. But Pascal, Jeremy, thank you both for spending time with us today.
Pascal Podvin:
All right. Thanks a lot, Saul, it was a pleasure to be with you.
Sonix has many features that you’d love including world-class support, share transcripts, automated translation, transcribe multiple languages, and easily transcribe your Zoom meetings. Try Sonix for free today.
Things You’ll Learn
Resources