[00:03.020 --> 00:09.750] So, hi, I'm Squiddy. I'm based in the Midwest of the U.S. and my talk is about security concerns of the medical laboratory.
[00:10.310 --> 00:11.830] Next slide please.
[00:15.100 --> 00:22.260] So, who am I? I'm a health informatics graduate student at IU, focusing on health information security and medical device security.
[00:22.260 --> 00:31.500] I'm also a medical laboratory scientist with some phlebotomy experience thrown in as well, but I managed to get off the bench and I'm currently working in laboratory informatics.
[00:31.500 --> 00:35.900] This talk is going to be about things that I noticed during my first year in the medical laboratory
[00:36.680 --> 00:44.500] that concern me just a little bit and things that I would personally like to see changed or see improvements on. I'm going to focus a bit more on
[00:45.100 --> 00:50.520] bringing awareness to the field itself and on some physical security concerns more than anything.
[00:50.720 --> 01:00.500] It's going to be part of a two-part talk. I hope to give the second part one of these days, but I'll focus more on data transmission between lab analyzers and the EHR system.
[01:01.500 --> 01:02.800] Next slide please.
[01:04.620 --> 01:14.160] So first, what is a medical laboratory scientist? A medical laboratory scientist, in short, performs diagnostic testing on patient samples in the medical lab.
[01:14.160 --> 01:24.000] We ensure specimen quality, interpret test results, log test data, controls, perform statistical analysis to verify accuracy and repeatability of testing.
[01:24.000 --> 01:33.880] We also work with laboratory instrumentation or analyzers to perform calibration, maintenance, and validation and to troubleshoot instrumentation.
[01:33.880 --> 01:43.560] We might help providers select an appropriate test to run.
We have some more advanced education and training in areas like chemistry and biology, including microbiology,
[01:43.560 --> 01:52.940] than some other healthcare workers like nurses, and we possess more of a scope of knowledge than someone who's more specialized in one area, like a microbiologist would.
[01:52.940 --> 01:58.100] So some of us are specialized in areas like micro or blood bank with our core knowledge.
[01:58.560 --> 02:05.300] So when your sample is collected, let's say you go and get your blood drawn, the nurse or the phlebotomist will send your sample to us.
[02:05.300 --> 02:13.680] And from there, we perform testing on your sample. Sometimes this is manual testing by hand, and sometimes that testing involves laboratory instrumentation.
[02:13.680 --> 02:23.260] Often it's a hybrid of both. These days, the lab is mostly automated, but there are still some smaller clinical labs that don't utilize a lot of instrumentation, depending on their need.
[02:23.740 --> 02:37.020] We're also responsible for issuing blood products for transfusions. According to the CDC, an estimated 70% of medical decisions are based on laboratory test results, and 14 billion laboratory tests are ordered annually.
[02:37.640 --> 02:39.300] Next slide, please.
[02:39.940 --> 02:49.480] So how are we regulated? Centers for Medicare and Medicaid Services regulates all laboratory testing except for research performed on humans in the U.S. through CLIA,
[02:49.480 --> 03:01.080] or the Clinical Laboratory Improvement Amendments, which regulate laboratory testing and require clinical laboratories to be certified by the CMS before they can accept human samples for diagnostic testing.
[03:01.080 --> 03:11.160] The objective of CLIA is to ensure quality laboratory testing, and three federal agencies are responsible for CLIA: the FDA, the CMS, and the CDC.
[03:11.480 --> 03:17.820] Each agency has a unique role in assuring laboratory quality testing, and I'll provide a link at the end
[03:18.380 --> 03:30.840] with citations for a bit more information so that you can go and read a little bit more about how we're regulated, because it's very important information, but I think it's a little bit too lengthy for a 20-minute talk. Next slide, please.
[03:31.620 --> 03:42.180] So getting into the clinical laboratory and what kind of environment it is, there are multiple departments in a clinical laboratory, and these departments vary by the size of the clinical lab and complexity of testing.
[03:42.180 --> 03:52.780] For example, a laboratory at a major hospital will be made up of the following departments. We have chemistry, where we perform thyroid and hormone-level tests, things like potassium levels, lipid panels.
[03:53.740 --> 03:59.740] Immunology, for the study of immune products, like antibodies produced by the body in response to foreign material.
[04:00.040 --> 04:04.600] Hematology and coag, where your blood count is done and your blood cell morphology is examined.
[04:05.340 --> 04:12.060] Microbiology, where we do some really cool stuff, like culture samples for E. coli and Salmonella, things like Pseudomonas and C. diff.
[04:12.460 --> 04:16.300] Blood Bank, where we type your blood and issue blood products for transfusion.
[04:17.500 --> 04:22.520] There's also going to be a processing and receiving department for samples coming into the lab.
[04:23.360 --> 04:24.680] Next slide, please.
[04:25.680 --> 04:37.440] The lab is occupied by various medical professionals. First and foremost, we have medical or clinical laboratory scientists, also known as medical laboratory technologists, who perform complex laboratory testing.
[04:37.440 --> 04:49.200] We'll perform exacting tests, like molecular and genetic testing, and we also deal with samples that present unusual diagnosis challenges and select appropriate testing agents and methodologies for them.
[04:49.200 --> 04:55.640] Becoming an MLS requires a four-year Bachelor of Science degree, part of which will be a clinical rotation in a hospital laboratory.
[04:56.140 --> 05:04.380] For laboratory technicians, they're also supposed to perform routine testing in order to assist medical lab scientists and technologists perform their duties.
[05:04.540 --> 05:09.340] Theirs is typically a less comprehensive two-year program, and there are certain tests they can't perform.
[05:09.400 --> 05:16.980] But the truth of the matter is that sometimes they end up performing a lot of the same testing as we do, especially since there is a shortage of laboratory scientists.
[05:16.980 --> 05:32.540] The other players in a lab are lab assistants, who can assist us in receiving samples and bringing them to appropriate departments, our phlebotomists, who perform blood draws for testing, senior techs and heads of departments, and the laboratory director. Next slide, please.
[05:33.180 --> 05:40.540] So the key point here is that there are a lot of different workers in a lab working all at once and handling a large amount of patient data.
[05:40.540 --> 05:50.620] Laboratory workers can also come and go, leave one lab and work in a different lab. But because there is a shortage at the moment, it's been difficult to keep labs appropriately staffed.
[05:50.620 --> 05:57.180] Since there is such a shortage, employers are willing to hire techs who may be a little less qualified, still need a little bit more training.
[05:57.260 --> 06:06.200] Because of the need for lab techs who can handle patient testing, new techs may have their training cut short a bit and may be thrown on the bench to handle testing a little earlier than usual.
[06:06.200 --> 06:13.240] And so lack the training that some other techs would have received. So if we're looking at the appropriate handling of patient data, then right away,
[06:13.240 --> 06:21.520] there may be techs who lack that training or who didn't receive a full training schedule who are handling patient information, and it can lead to mistakes being made.
[06:21.520 --> 06:30.720] For example, a lot of the time, cell phone use, especially for things like taking pictures, is only permitted under very specific circumstances in the lab or not at all.
[06:30.720 --> 06:36.180] I've worked at places where some use is allowed, specific use is allowed, or phone usage is not permitted at all.
[06:36.200 --> 06:43.040] And not every tech coming in is going to know that or know that usage is limited to prevent an accidental breach of patient data.
[06:43.420 --> 06:49.500] A busy lab and a shortage of staff means that techs have to be able to move between departments in a rapid fashion.
[06:49.500 --> 06:57.500] We may put a sample down that we're working on and move to another department to complete a test, then come back, pick up that sample and continue where we left off,
[06:57.500 --> 07:04.660] even when it's best practice to sit down and finish a test to completion before moving on. Sometimes it's just not possible.
[07:05.120 --> 07:10.600] Sometimes, with techs working third shift, there may only be two or three techs working all of the departments at once.
[07:11.980 --> 07:22.160] When we perform testing, we often resolve this testing in our laboratory information systems, such as Cerner, SoftLab, or Meditech. And to do this, we have to log into a computer to access the software,
[07:22.160 --> 07:30.360] which brings us to the next part of the talk, which is technology that resides in our lab, instrumentation, and our LIS system. Next slide, please.
[07:31.140 --> 07:39.480] There are a multitude of laboratory analyzers for use today.
For example, if you've checked out the medical device lab at the Biohacking Village, you'll see the ID Now,
[07:39.480 --> 07:44.900] which is this middle picture on the bottom here, and that's used for point-of-care COVID testing.
[07:44.900 --> 07:49.820] We have chemistry analyzers like the Vitros that run the thyroid tests and hormone panels.
[07:49.820 --> 07:58.800] We have urinalysis analyzers like the Clinitek, analyzers for blood cultures, analyzers in Blood Bank like the OrthoVision to perform our type and screens.
[07:58.800 --> 08:05.620] All of these analyzers are going to interface a little differently. They'll be running on different operating systems and handle data differently.
[08:05.780 --> 08:14.480] Each instrument may be from a different vendor. There may be older analyzers mixed in with brand new ones. For example, in my clinical rotation in 2021,
[08:14.480 --> 08:24.340] we had a Stago coag analyzer running on DOS, and across the room, a brand new Vitros for chemistry, and this was at a major hospital. Next slide, please.
[08:25.860 --> 08:34.240] These instruments send data to the Laboratory Information System, like Cerner, and sometimes techs may have to enter or verify test data there.
[08:34.460 --> 08:52.060] Laboratory Information System, or LIS, is used interchangeably with Laboratory Information Management System, or LMS, but LIS is more patient-based, whereas Laboratory Management System is typically more of a sample-based process. Next slide, please.
[08:52.060 --> 09:03.180] When the information goes out of the LIS, it will go to a middleware like Cloverleaf to streamline the exchange of patient data between the LIS and the EHR patient record system, like Epic.
[09:03.300 --> 09:17.520] There may be a middleware used between the instrument itself and the LIS, and middleware is often one step used to establish a web-based interface which can support all the standards like ASTM, HL7, and ICOM data transfer from an analyzer.
[09:17.520 --> 09:24.220] Each analyzer may use a different data transmission standard. A lot of analyzers still communicate using ASTM.
[09:24.840 --> 09:26.380] Next slide, please.
[09:26.380 --> 09:45.620] When examining security concerns or vulnerabilities in the medical laboratory, we have to worry about three things, or three areas. Physical access to the laboratory computers or instrumentation, the variation in instrumentation and how they each handle patient data, especially in terms of storing and transferring that data.
[09:45.940 --> 09:55.700] Some older analyzers are built to store patient data on floppy disks or tapes still, though thankfully this is not typically done, even when those analyzers are still used today.
[09:56.420 --> 10:08.500] Simple human error. People may leave their computer terminal logged in. They may leave Epic open, which is used to view patient records. They may stay logged into the LIS on one computer and move to the next computer and log in there.
[10:08.740 --> 10:12.140] They may take pictures and forget to obscure patient data.
[10:13.040 --> 10:14.560] Next slide, please.
[10:15.800 --> 10:21.460] In my almost a year and a half of walking around the clinical laboratory at different facilities, I noticed a whole lot.
[10:21.460 --> 10:37.360] For example, a badge may be required to access a lab, but I've also noticed that if you are at least dressed like a healthcare worker and you knock at that lab door, someone's bound to let you in, since sometimes nurses and other workers will come down to the lab either to grab blood products or deliver samples.
[10:39.320 --> 10:43.240] Sometimes we've had to move samples from one lab to another.
[10:43.240 --> 10:54.680] And I'm not going to say where this was at, but we've had people call in their relatives or non-healthcare workers to deliver samples that have patient information between the two laboratories.
[10:56.120 --> 11:08.120] A password may be required to access computers and used to access patient data, but the same password is often used between computers, network, the LIS, and the patient record system.
[11:08.120 --> 11:17.360] While a password change is usually required at least once every three months from what I've seen, there isn't always a restriction in place to prevent users from reusing an old password.
[11:17.660 --> 11:31.220] There is a constant flow of techs in and out of the lab, rotating between departments, often forgetting to log out of their computer or leaving the patient record system logged in, which means someone else could gain access to their session and grab data.
[11:31.220 --> 11:41.280] There is physical access to computers with open USB ports and the ability to plug in devices like keyboards and mice that you bring from home without the device being screened first.
[11:41.540 --> 11:47.180] There is also no camera surveillance in the lab, as surveillance can itself result in a HIPAA violation.
[11:47.220 --> 11:55.100] But this also means should patient data be accessed at a computer under one login, there isn't always a way to check who was sitting in that chair.
[11:55.100 --> 12:02.520] Some people will clock out for lunch and go to the break room and then go back in the lab periodically to check a sample running on an analyzer.
[12:02.520 --> 12:07.680] So the clock officially shows them on break, but they may in fact be in the lab handling samples.
[12:08.200 --> 12:11.160] There may not always be an electronic trail of that.
[12:12.840 --> 12:14.720] Next slide, please.
[12:15.100 --> 12:22.260] To me, right now with the current level of understanding, the biggest concern is, of course and always, human error.
[12:22.260 --> 12:30.180] It's people leaving their session logged in, writing down passwords on sticky notes or using simple ones, sharing passwords.
[12:30.180 --> 12:34.200] It's people forgetting to lock their machine despite being informed to do so.
[12:34.200 --> 12:39.880] People using each other's badges to gain access to an analyzer and run a sample.
[12:39.880 --> 12:42.780] Outside of training sometimes as well.
[12:42.800 --> 12:45.960] A lot of techs don't understand the severity of these actions.
[12:45.960 --> 12:56.100] And I think one way we can fix this is to hold more informational sessions in the lab and focus not only on the fact that it's important to log out or lock your session,
[12:56.100 --> 13:02.580] but what could also happen if they don't and what the consequences could be for a patient and for the tech who left their session open.
[13:02.820 --> 13:07.420] Many don't seem to understand the level of impact this can have on a patient's life.
[13:07.420 --> 13:16.280] Even if a tech slips up or acts maliciously with patient data and is caught and terminated, that won't prevent that data from circulating once it's leaked.
[13:17.780 --> 13:19.480] Next slide, please.
[13:19.740 --> 13:22.080] So why should you care? Because it's your data.
[13:22.080 --> 13:28.820] That's your SSN, that's your date of birth, your address, your test results saying you're positive or negative for something.
[13:28.820 --> 13:34.100] Sometimes that information could be a test result for HIV, a positive cancer diagnosis.
[13:34.100 --> 13:38.000] It's sensitive information that can have severe consequences if leaked.
[13:38.000 --> 13:41.860] That's all your medical history, sometimes spanning throughout your entire life.
[13:41.860 --> 13:46.120] And it's all the personal data that can be held about you in your medical record.
[13:46.840 --> 13:48.520] Next slide, please.
[13:49.200 --> 13:52.980] So you could help us too. We need more security-minded people.
[13:52.980 --> 13:55.640] We need more lab techs with a security brain.
[13:55.640 --> 13:58.980] We need more security warriors willing to protect patient data.
[13:58.980 --> 14:05.180] And most importantly, we need more people who care enough and who possess a background to understand healthcare workflow.
[14:05.240 --> 14:09.820] How much restriction can we place in the lab without slowing down patient testing?
[14:09.820 --> 14:16.040] How many security precautions can we put in place without increasing the time that a sample is run?
[14:16.040 --> 14:19.980] And therefore, increasing the time for a patient to receive proper care.
[14:20.060 --> 14:26.380] So if you work in cybersecurity at a facility with a medical laboratory, please get to know your lab department.
[14:26.380 --> 14:28.660] We really want your data to be safe too.
[14:29.940 --> 14:32.720] I guess I've really whizzed past this talk.
[14:32.720 --> 14:37.620] When I rehearsed it before, I got up to about 17 minutes.
[14:37.620 --> 14:39.780] We're currently at about 14.
[14:39.780 --> 14:41.940] I guess that leaves some time for questions.
[14:41.940 --> 14:43.720] But next slide, please.
[14:44.960 --> 14:47.880] I have some citations that you can go and check out.
[14:47.880 --> 14:52.440] And if you'd like a copy of the slide deck, you can DM me or send me a message.
[14:53.200 --> 14:54.400] Next slide.
[14:55.860 --> 14:57.360] Thanks for listening.
[14:57.360 --> 15:01.780] This talk was mostly to bring awareness to the medical laboratory field,
[15:01.780 --> 15:05.160] and that there are those of us who are concerned about how your data is handled.
[15:05.160 --> 15:07.760] We really want to make things more secure for you.
[15:07.820 --> 15:11.680] I hope this will maybe help to get people thinking about patient data in the laboratory,
[15:11.680 --> 15:14.040] and kickstart some serious change.
[15:14.040 --> 15:18.780] If you're here at DEFCON, come find me to get a little homemade badge of my squid character,
[15:19.210 --> 15:20.600] or DM me on Twitter.
[15:20.600 --> 15:23.540] I really only use the account listed here during cons.
[15:24.680 --> 15:25.960] Thanks, you guys.
[15:36.220 --> 15:39.020] If there are any questions, I'll do my best to answer.
[15:41.420 --> 15:48.420] Do you think that this kind of lack of control of the data is systemic to the whole industry,
[15:48.420 --> 15:50.660] or do you think it's only problem spots?
[15:51.820 --> 15:54.900] I think it would be whole industry.
[15:55.000 --> 15:59.200] I think, yes, I think this kind of thing is really prevalent throughout healthcare.
[16:02.140 --> 16:03.880] Do you think that stronger policies...
[16:03.880 --> 16:08.880] I know HIPAA is in place, but what stronger internal policies do you think actually help,
[16:08.880 --> 16:12.200] or do you think you would still run into the same kind of issues
[16:12.200 --> 16:15.840] of people just kind of ignoring them or just getting around them?
[16:16.460 --> 16:21.500] We do have some stronger policies in place in a lot of the hospitals I've been in,
[16:21.500 --> 16:24.940] but I don't think they do as much as people want them to.
[16:24.940 --> 16:29.780] I think we would still run into the same problem of people just not understanding the impact.
[16:29.780 --> 16:33.080] I feel like techs coming into the lab, people going into healthcare,
[16:33.080 --> 16:38.020] they need more training, they need to know how this can impact patients,
[16:38.020 --> 16:42.820] and policies aren't exactly going to explain all of that to them.
[16:42.960 --> 16:46.360] They may put things in place, make things a little bit harder to access,
[16:46.360 --> 16:48.020] but where there's a will, there's a way,
[16:48.020 --> 16:51.960] and people always find a way to circumvent protocols that are put in place.
[16:57.340 --> 17:02.240] So I've heard the horror stories of medical or laboratory equipment
[17:02.240 --> 17:09.320] running awfully, awfully outdated software that's vulnerable in a hundred different ways.
[17:10.220 --> 17:17.540] Would you say that internal sort of lack of awareness or internal threats
[17:17.540 --> 17:22.060] pose a bigger risk than external threats?
[17:24.060 --> 17:28.380] That's a difficult one to answer, but I'm going to say yeah, I think so.
[17:28.380 --> 17:37.140] I think we're more likely to see something due to somebody slipping up than we are to an external attack,
[17:38.280 --> 17:40.760] if that answers your question.
[17:41.680 --> 17:56.640] What happens when something like internal to a hospital, like a medical record number is released or something like that?
[17:57.800 --> 18:05.720] What would happen is first there'd be an investigation by compliance.
[18:05.720 --> 18:08.380] We would try and find out the source of the leak.
[18:08.940 --> 18:14.680] We would alert the patient immediately that this information has been leaked.
[18:14.700 --> 18:20.060] But from there, I don't have that compliance background to let you know fully what the hospital would do.
[18:20.060 --> 18:34.360] Okay. Also, what do you think is limiting the big groups that run the hospitals and clinics and all that stuff?
[18:34.360 --> 18:39.060] What do you think is keeping them from upgrading the systems and stuff?
[18:39.060 --> 18:44.920] Because I've heard that some still run on Windows XP, I think, Windows Vista.
[18:45.480 --> 18:48.660] Some of it just has to do with funding.
[18:48.660 --> 18:55.060] Some of it just has to do with the funding that the medical laboratory needs to bring in these analyzers.
[18:55.640 --> 19:04.360] And I'm not sure if you're asking the people who run these organizations if they really understand the need that we have for updated instrumentation.
[19:04.360 --> 19:06.420] So I think that's part of it.
[19:06.620 --> 19:11.760] And I think part of it is also that the lab gets very used to using one analyzer.
[19:11.760 --> 19:14.720] And some people are very hesitant to change.
[19:14.720 --> 19:16.580] I think that's another one.
[19:18.660 --> 19:25.270] Okay. Thank you.
[19:25.270 --> 19:38.930] What kind of positions would it be for someone that wants to get into security of hospitals?
[19:40.810 --> 19:48.190] We have a security team and we have an IT apps team that you could join.
[19:48.190 --> 19:50.870] You wouldn't exactly need a healthcare background.
[19:50.890 --> 20:01.070] But I would say we would need more techs, more people in health informatics, for one, that could join the laboratory and create change from within the laboratory.
[20:01.690 --> 20:07.710] Because we have security teams, but a lot of the problem is that they don't understand the healthcare workflow enough.
[20:10.960 --> 20:18.940] Okay. So what you're saying is that you're looking for people that are more skilled in health informatics, right?
[20:19.520 --> 20:22.820] Yeah, sure. Health informatics, laboratory information systems.
[20:22.840 --> 20:26.760] People that kind of have a mix of both IT and healthcare.
[20:27.820 --> 20:29.360] Okay. Thank you.
[20:29.460 --> 20:31.040] No problem.
[20:35.750 --> 20:51.610] Do you think some of the issues might be that the people working there don't actually understand the impact of violating some of the security policies, that to them it seems inconsequential, not realizing the risk it's putting them in and the system in?
[20:52.030 --> 20:55.490] Absolutely. I think that's absolutely true.
[20:56.150 --> 21:00.670] A lot of people, they don't really think about it on a day-to-day basis either.
[21:00.950 --> 21:07.870] It's very much, you know, we need to do what we need to do to be able to get this sample out the door and to get this sample completed.
[21:07.870 --> 21:17.710] And if that means overriding something that's telling you, hey, stop, don't press a button, or, hey, do you want to stay logged in for this extended amount of time, they just breeze past it.
[21:18.570 --> 21:23.770] A lot of people don't really think about those things or think about how it could impact them.
[21:36.470 --> 21:42.570] Some of them, yeah, there is going to be, especially right now with the shortage of techs, training might be limited.
[21:42.570 --> 21:58.070] But even for those that have had years and years of training, people who have been in the lab for 40-odd years, they still might not understand exactly how that breach can impact a patient, especially now with newer systems and newer technologies in place.
[21:58.070 --> 22:11.650] They might not understand all of the layers that come into play in terms of patient data these days, because when they started out in the lab, they didn't have all of this information that they were working with.
[22:11.650 --> 22:15.710] You know, mouth pipetting was still a thing. It was still very much a manual process.
[22:17.470 --> 22:23.390] I think definitely more training, consistent education on it would be good.
[22:25.890 --> 22:26.970] Okay.
[22:28.670 --> 22:43.170] What are your thoughts on when the whole WannaCrypt ransomware attack happened that affected hospitals and clinics? What were your thoughts on that? Did that ever happen in your place?
[22:43.650 --> 22:46.890] It didn't happen anywhere that I worked.
[22:48.210 --> 22:53.910] I guess my thoughts on it were that it was terrible and a lot of people didn't know how to handle it at all.
[22:53.910 --> 23:01.590] A lot of hospitals weren't sure how to deal with that threat. And that's just from what I've heard, because that was from before I entered the workforce.
[23:02.350 --> 23:03.230] Okay.
[23:06.580 --> 23:07.620] Thank you.
[23:08.280 --> 23:09.500] No problem.
[23:25.360 --> 23:26.200] Thanks.
[23:28.460 --> 23:38.360] If there are any more questions, you can definitely shoot me a DM or you can come find me, send me an email. I'd be happy to talk with you more, especially about this topic.
[23:55.270 --> 24:05.150] I didn't realize I was muted. Thank you, Squiddy, for an excellent talk. Your talk at last DEF CON, which was 2020, was excellent as well.
[24:05.930 --> 24:16.090] And if you're going to be around in here, people can talk to you in here too. I know you're at DEF CON, so you may not actually be in AltspaceVR for much longer. Is that correct?
[24:16.750 --> 24:22.690] Yeah, that's correct. But I'll try and hang out for a little while longer if people want to come find me in Altspace.
[24:23.270 --> 24:34.550] Okay. And also just a reminder that we don't have any presentations scheduled for tomorrow, but the spaces will be open for people to hang out and talk and network.
[24:35.050 --> 24:48.850] So our next presenter won't be here for roughly another 30 minutes. So now's a good time to take a bio break, wander around, look for some of the Easter eggs, talk to some of the speakers, and we'll see you back here in about 30 minutes.