Aug 6, 2020

World’s first AI health worker to help people quit smoking

digital health worker
Artificial intelligence
Leila Hawkins
3 min
World’s first AI health worker to help people quit smoking
The World Health Organisation (WHO) has launched the world’s first AI health worker to provide information on smoking and COVID-19...


The WHO has introduced a new recruit to help people stop smoking and to combat misinformation around COVID-19. However Florence is not your ordinary member of staff - she's the world's first digital health worker. 

The AI-powered assistant can be contacted by the public free of charge via a 24/7 video stream or text message. Florence then provides clear information on COVID-19 and underlying conditions that have been found to aggravate the virus. These include heart disease, diabetes, respiratory illnesses and cancer.

A key part of the assistant’s role is to help people to stop smoking. Florence is part of the WHO’s Access Initiative for Quitting Tobacco, which has the goal of helping 1.3 billion people to stop smoking. According to WHO research 60 per cent of smokers say they want to stop. Despite this only 30 per cent have access to the tools they need, like counsellors, to be able to quit. 

Misinformation around smoking has been a major issue since the beginning of the pandemic. Conflicting opinions - such as whether smoking can prevent coronavirus or even cure it, have been circulating widely. 

Florence can answer questions and respond to comments. The assistant can offer information on the implications of smoking while COVID-19 is still in circulation. As well as debunking myths around the virus and tobacco, she can help people create a tailored plan to stop smoking.  

Users are encouraged to first of all set a firm quit date. Friends, family and co-workers should be advised they are quitting so they can be supportive. Getting rid of tobacco products is also important, so the user is in a smoke-free environment. 

Florence is available throughout to provide encouragement when needed. The AI assistant can offer recommendations for other relevant apps and free phone numbers to help in case the user starts to experience difficulties giving up tobacco. 

The use of AI voice assistants is on the rise in healthcare. Providers have begun using voice assistants like Alexa and Google Home to keep patients informed of wait times. They have also become a valuable tool during the COVID-19 crisis, providing updates to patients who need to isolate. 

Florence is the first AI assistant of its kind, and is an example of how AI can benefit the healthcare sector by providing clear, effective communications, particularly at a time of crisis. 

The AI health worker has been created by Soul Machines, a company specialising in artificial intelligence. Its technology is supported by Amazon Web Services (AWS) and Google Cloud. Soul Machines hires researchers, neuroscientists and psychologists, who help develop digital assistants. They have created AI assistants for a number of different industries, with the ability to process complex information and respond to questions. 

Florence was recently unveiled by the WHO at a press conference in Geneva. Dr Tedros Adhanom Ghebreyesus, Director General at WHO, told attendees: “Today, WHO is launching the Access Initiative for Quitting Tobacco, which aims to help the world's 1.3 billion tobacco users quit during the pandemic. This initiative will help people freely access the resources they need to quit tobacco, like nicotine replacement therapy and access to a digital health worker for advice.

“We are also pleased to introduce Florence, the world and WHO's first-ever digital health worker, based on artificial intelligence. Florence dispels myths around COVID-19 and tobacco and helps people develop a tailored plan to quit.  

“Florence was created with technology developed by San Francisco and New Zealand based company Soul Machines, with support from Amazon Web Services and Google Cloud. WHO is in the final stages of adding more partners and encourages tech and medical companies to join this initiative, which will help people reduce their risk of COVID-19 and lead healthier lives.”

Florence is currently available in English, but will eventually be able to speak to people in six different languages. 

Share article

Jun 15, 2021

Why are healthcare networks so vulnerable to attacks? 

5 min
Elisa Costante from Forescout Technologies gives us the lowdown on how vulnerabilities in the healthcare sector happen, and how to secure them

Forescout Research Labs has published a study on the vulnerabilities impacting the healthcare industry’s connected devices. The research division of Forescout Technologies has published the report as part of its Project Memoria, and it reveals that healthcare organisations are affected five times more by TCP/IP vulnerabilities than any other sector. 

Elisa Costante, a software engineer and Forescout's Vice President of Research, explains why this is and how to prevent it. 

What is Project Memoria? 
Project Memoria aims to improve the security of TCP/IP stacks and understand what  the main security issues are. TCP/IP stacks are a very core component of every network device, whether it's an iPhone connected to the internet, or a robot controlling  the process of manufacturing. If they're connected to the internet they need to have a piece of software controlling communication. 

There are several variants of this software and we're analysing them to understand if they have security bugs or vulnerabilities that if misused by attackers, could lead to disruption of the device itself, and to the network at large. Our goal is to make the industry aware of the problem, and engage with stakeholders as well as the customers. 

Why is healthcare particularly vulnerable? 
This is what the data is telling us. We have a device cloud, which is like a data lake of device information. This device cloud has a lot of information about the devices, like who the vendor is, what the role of the network is, and which vertical this is. We are able to leverage this information, and join it with the intelligence we have from Project Memoria to understand which devices are vulnerable. 

We found that in healthcare there was a huge spike in the number of devices that are vulnerable - as much as  five times more than in other verticals. The reason seems to be because of the number of devices, and because of the intrinsic difficulty of addressing the problem. 

The problem surrounding TCP/IP stacks is that there is not one single vendor that is vulnerable; on average, a healthcare organisation has 12 vendors that are vulnerable. 
Let's say that on average we have 500 devices per healthcare organisation.  Then you need to contact 12 vendors for each of these. These vendors then need to issue a patch to secure the device, and this patch cannot just be automatically delivered and installed in 500 devices. You have to be realistic and think about whether each of the devices  is critical, for example if it goes down will it turn the lighting system off, or stop the MRI machine from working. 

Patches are very complex to deploy. On top of that, the patch needed might not even be available.  That's why we want to understand this problem better  so we can provide solutions. 

How much of the responsibility of keeping a device secure lies with the vendor? 
There are responsibilities that lie with all the different stakeholders, and one of these is  the vendor. There might be multiple vendors involved, which makes it very complex  from a management perspective. 

For instance the device at the end of the chain, which might be an MRI, contains a board that has a connectivity module, and this has one of the stacks that is vulnerable, which could have four different vendors. 

If the vendor responsible for the TCP/IP stack releases a patch, this patch has to go down the chain. We identified chains with a length of six vendors, so you can imagine how complex this is. Some vendors have good hygiene security and some don't because they don't know how to deal with it - they need training. 

This is a new issue related to the software bill of materials, which is being tabled for legislation at the moment to create policies regarding the complexity of the supply chain. We need to shed light on this issue so that legislators can put these policies in place to help with security.  

What can healthcare providers do themselves to stay secure? 
Visibility is important; they need to know what they have in their network. In the case of vulnerable devices they should find out if there's a patch available. If there isn't, because it's an old device for example, but it's still critical to the system, they may want to isolate it so it only communicates with the devices it really needs to. 

Interestingly enough, our research found that most of the healthcare organisations we analysed had a flat network, which means they don't have isolated devices. For instance, a drugs dispensing machine, which you typically find in pharmacies,  is connected to a building automation light system, which is connected to a switch. This is also connected to an IoT sensor device. Why would you have all of them together in the same place? 
The first step is having this information, which often comes as a surprise. Then you can take action; you can segment a network, and if you can't do that you can control the network's access by isolating devices that are risky.

How can Forescout help healthcare organisations? 
Forescout is uniquely positioned to help. We provide visibility end-to-end, which means having a full inventory of devices that includes quite granular detail, so they can know what the operating system is, who the vendor is and so on. Then we enable them to do network segmentation. 

This enables organisations to write policies around how to secure their networks, for example if a device is vulnerable specify which connected devices must be isolated, or which device it must communicate with exclusively. 

Share article