This transcription is provided by artificial intelligence. We believe in technology but understand that even the smartest robots can sometimes get speech recognition wrong.

The 229 Podcast: AI Is Gullible, And Hackers Know It With Blake SalléThe 229 Podcast: AI Is Gullible, And Hackers Know It With Blake Sallé

[00:00:00]

Bill Russell: My name is Bill Russell. I'm a former health system, CIO, and creator of this Week Health, where our mission is to transform healthcare one connection at a time. Welcome to the 2 29 Podcast where we continue the conversations happening at our events with the leaders who are shaping healthcare.

Let's jump into today's conversation.

Alright. Hey, today we have a conference interview. We're here at the HIMSS conference on the floor in the Caresoft booth. I haven't done a Proofpoint interview in over a year.

Blake Sallé: You're missing out.

Bill Russell: I'm missing out.

So you are, uh, introduce yourself in the problem you guys solve for healthcare, and then I, I really wanna delve into your solution a little bit.

Blake Sallé: Fantastic. Uh, name is Blake Salle. I'm our Chief Revenue Officer. Here at Proofpoint, I've been here for almost nine years, so wow, it's been a great time and we're still making a big difference, and that's what's important to me is how do you make a difference?

The areas that I think we address, especially as you ask on healthcare at Proofpoint, [00:01:00] we are really centered around how do we protect people and how do we defend the data that they create, they use, they leverage, whether that's across the human workspace or the agentic workspace, which certainly. Has come to the fore as of recently, and we think it's only gonna expand.

Bill Russell: So my Proofpoint email, like that's what you guys cemented that in my brain from a marketing standpoint, you guys have moved well beyond that.

Blake Sallé: We have moved well beyond it. Email is still the number one threat vector. 91% of all the compromises last year came through email. And so it's still a core area of focus, but as you think about email, think about how you protect.

People across that continuum with email being the number one threat vector. But we have expanded certainly across data security in a big way, whether that's data security for the agents or data security for the people, or data security across data loss and insider threat.

Bill Russell: What are, what are, uh, healthcare organizations worried about right now?

I mean, the, every [00:02:00] meeting I've been in so far, we've heard ai, agentic, ai, um. And the, just the fact that we're gonna be feeding those things significant data, I mean, and in some cases protected data and whatnot. And so we're talking about governance models within those AI models and whatnot. We're talking about a lot of different things, but it feels to me like, uh, we haven't really centered on a, an architecture or solution yet that is going to protect that data, which is I think what's slowing down healthcare a little.

Blake Sallé: I think a lot of the healthcare CISOs and CIOs that we speak with are really in a similar position to not only healthcare, but outside of healthcare. I think healthcare is so centered on that connected approach and how you help people, so they're ahead of the game, but the way we think about what's happening with ai, AI in so many ways will change, will shape.

Nobody knows where it's gonna evolve from. Right? I mean, we've, we've, we've gone from normal chat bots to now this full [00:03:00] extension. But if you think about ai, AI is gullible in many ways that humans are gullible. It's it's prompt, gullible. So every time you give it a prompt, it wants to please you.

Bill Russell: I would've used that prompt gullible.

It is,

Blake Sallé: it's, it's prompt, gullible, it's it's authority gullible, like it always wants to please those individuals. It's context gullible. It assumes the truth. Out of whatever is represented in there, it's format gullible. And so when you think about where AI is gullible, it's across many of the areas that humans are gullible, like AI falls for.

Uh, elements that might be in format. They mishandle data, they run code, they shouldn't, they get compromised easily. The same things that we see across Hewlett. And so what we're trying to do is provide this space in which we can protect AI with all the knowledge that we have across humans to make sure that, number one, your agents don't get tricked.

Number two, your humans don't get fooled. And number three, you protect the data that is out there. That's the lifeblood of your organization, especially across healthcare. I think if we can do that. Like, we're in a different space, and that's where we've [00:04:00] oriented ourself.

Bill Russell: Well, I wanna close out this interview by going back to email.

Email has dramatically changed in the last year. Yeah. Um, every, first of all, every marketing firm out there has figured out how to use ai. And I think the, I mean, my inbox, if my inbox has any indication, healthcare's, inboxes must have exploded just from sheer volume. The second is the sophistication. It's no longer.

A bank of, you know, whatever far off country, you know, please send me your money.

Blake Sallé: Yeah.

Bill Russell: It's much more sophisticated than that. It's, it's, uh, you know, it's, it's referencing a trip that happened to be posted on social media. I mean, it's really getting sophisticated, some of the, some of the emails coming through.

How are you guys adjusting to that landscape?

Blake Sallé: Well, look, AI has made the attacks more precise and the attacks have a greater volume, and they're reaching areas that they hadn't reached in the past. There's no longer just this grammatical. Elements. I think where we reach it from a different perspective than anybody else is [00:05:00] we're gonna, one, we know how to identify those problems.

We know how AI agents think and how humans think and where those targets are. But two, we are killing it way left of the kill chain. Many of the solutions that are out there today, you're gonna hit your AI engine first, and then those solutions are gonna come in after that. And by the way, if a prop comes in that co-pilot thinks it wants to respond to co-pilot's gonna hit it automatically.

Whereas if we catch it before even the AI engine comes in there, or we use our AI abilities to catch it earlier, then I think that we can help address that. And then the other side is how do we help the data side? Because at the end of the day, data doesn't just walk out the door. It's either a compromise user, a malicious user, or a negligent user.

We have different modalities to attach to those as well as the agents to keep that organization secure.

Bill Russell: Fantastic.

Blake Sallé: So I think it's kill left. Kill it before it gets in the organization. And for those that are within the organization, whether it's your users or your agents or somebody else that has compromised, how do you make sure your data doesn't walk out the door?

Bill Russell: Well, that's fantastic. Hey, [00:06:00] I appreciate your time and uh, look forward to next year's interview to hear what you guys are doing then. Thanks, bill. Appreciate it.

Thanks for listening to the 2 29 podcast. The best conversations don't end when the event does. They continue here with our community of healthcare leaders. Join us by subscribing at this week health.com/subscribe.

If you have a conversation, that's too good not to share. Reach out. Also, check out our events on the 2 29 project.com website. Share this episode with a peer. It's how we grow our network, increase our collective knowledge and transform healthcare together. Thanks for listening. That's all for now.