October 2024 edition of CloudWave Connections
We’ve created this newsletter for our customers to communicate what’s new, let you know about upcoming events, share customer stories, and introduce you to members of our team.
We hope you find this newsletter informative and something that you look forward to receiving. If you have suggestions for topics, or have questions about something that’s been featured here, please let us know.
A Note from Richard Phung
State of the CTOC
CloudWave’s Cybersecurity Tactical Operations Center (CTOC) is witness to the continual evolution of cyber threats targeting healthcare organizations. Attacks on healthcare IT aren’t just about data breaches—they have consequences that can affect patient safety and care delivery. Our work gives us a unique perspective on what’s happening in real time and, more importantly, how to improve our capabilities to meet these challenges.
Ransomware Still a Leading Threat
Ransomware attacks are more prevalent than ever. Threat actors persistently target healthcare organizations, and the number of attacks is increasing. [1]
Ransomware attacks can affect all facets of hospital operations, impacting IT, Operational Technology (OT), and patient-centric systems. Even if attacks do not directly target healthcare organizations, they can still impact operations by removing critical services in the supply chain, impacting patient safety and care.
Phishing is the #1 Attack Vector
Phishing remains the most common entry point for attackers across all industry sectors, with credential theft being the attackers’ typical goal. The trend is an overall increase in phishing campaigns; the healthcare sector alone is seeing a 45% increase in phishing attacks. [2]
Importance of Incident Response Plans
Preparedness helps mitigate potential damage when—not if—an attack happens. Clearly defined responsibilities and speedy execution are crucial to minimizing damages; thus, having an effective incident response plan is necessary. A recent poll revealed that nearly 40% of healthcare organizations do not have a security incident response plan. [3]
Double-down on End-User Training
Many attacks begin with a simple click that could have been avoided with user training and vigilance. Organizations should empower their staff with the knowledge to recognize suspicious activity and act cautiously. Cybersecurity is a people problem, and growing awareness and encouraging proactive behavior is often the most effective cyber defense.
Richard Phung is Director of the Cybersecurity Tactical Operations Center (CTOC) at CloudWave.
[1] https://news.sophos.com/en-us/2024/07/30/the-state-of-ransomware-in-healthcare-2024/
[2] https://news.trendmicro.com/2024/07/22/phishing-stats-2024/
[3] https://www.hipaajournal.com/37-pc-healthcare-organizations-no-security-incident-response-plan/
Stay up to date with our latest news, press releases, and events on LinkedIn.
October is Global
Cybersecurity Awareness Month
October is Cybersecurity Awareness Month, a global effort to help everyone stay safe and protected when using technology whenever and however you connect. CloudWave is proud to partner with this online safety and education initiative this October.
Cybersecurity Awareness Month is co-managed by CISA and the National Cybersecurity Alliance (NCA). Along with CISA and NCA, we are promoting these four key behaviors during October to encourage healthcare organizations and their employees to take control of their online lives.
Check out this Cybersecurity Toolkit for Healthcare to access CISA and other healthcare resources. New educational content is being added weekly.
CloudWave featured in
Healthcare IT Today
In a recent discussion with the Healthcare IT Today
Community, Mike Donahue, Chief Delivery Officer at
CloudWave, shared his perspectives on strengthening
healthcare cybersecurity and the importance of
protecting the patient first, amidst rising cyber threats.
Read the full article here.
BLOG: An Attackers’ Perspective on Cybersecurity Exploits
The best way to build a proper defense is to understand your opponent. During our recent webinar, CloudWave dissected some of the most recent and impactul cyberattacks—getting “inside the mind…”
Upcoming Events
Nebraska Hospital Association Convention
October 16-18, LaVista, Nebraska
CloudWave will be exhibiting at the annual Nebraska Hospital Association Convention at Embassy Suites Conference Center. We’re looking forward to a great convention.
New England HIMSS Annual Digital Health Conference
October 17, Worcester, MA
CloudWave will be at the 2024 New England HIMSS Annual Digital Health Conference. Stop by our table
and say hello.
CloudWave sponsors HIMSS Central & Southern Ohio Chapter
October 18, Dublin, OH
Bridging the Divide Between Urban & Rural Healthcare
CloudWave is pleased to sponsor and present at this thought-provoking conference focused on addressing the disparities between urban and rural healthcare. Johnathan Buice, Senior Security Architect, will present at a breakout session on “Patient-Centric Cybersecurity Incident Response – Going Beyond IT.”
CloudWave sponsors
MUSE NC Community Peer Group
October 25, Hickory, NC
Save this date to join your MUSE peers for a great day of education and networking. To learn more, click the link below.
Rural Health Association of
Tennessee Annual Conference
November 20-22 Knoxville, TN
CloudWave is proud to be a sponsor of the 30th annual Rural Health Association of Tennessee Conference in Knoxville, Tennessee. We look forward to participating in discussions among rural health leaders about the benefits of cloud-based healthcare and enhanced cybersecurity for organizations for all sizes.
Past Events
MEDITECH LIVE 24 Welcome Reception
Foxborough, MA
Over 150 guests from MEDITECH and hospital customers packed the Harp restaurant in Patriots Place for drinks and appetizers the night before MEDITECH LIVE Thanks to Forward Advantage, Interlace Health, and ACS MediHealth for sponsoring the event with us! Great time had by all!
 |
 |
 |
 |
MEDITECH USERS
NETWORK CONFERENCE (MUN)
Liverpool, UK
Earlier this month, CloudWave took their annual trip across the pond to the UK for the MUN conference that brings together MEDITECH experts and users. CloudWave’s Jacob Wheeler, the Director of Sales Engineering presented, “Patient-Centric Cybersecurity Incident Response: A Paradigm Shift.”
PRHA 2024
San Juan, Puerto Rico
Meanwhile in San Juan, CloudWave was pleased to partner with Neptuno to exhibit at the Puerto Rico Hospital Association earlier this month. Healthcare leaders from around Puerto Rico joined the event to discuss what’s next in healthcare
WSHA CEO Retreat
Snoqualmie, WA
CloudWave joined healthcare leaders around
Washington State at the beautiful Salish
Lodge & Spa in Snoqualmie to discuss what’s
next in hospital administration and cybersecurity.
Keep Your OpSus
Change Requests Moving
Sign up for Advance Authorization today
CloudWave is pleased to offer a new way to
streamline the way we deliver changes to your
OpSus Cloud Services.
Incremental adjustments to the scope of your
cloud service are to be expected, but the timing
and process may not always be convenient.
CloudWave is now able to provide a way to
allow key personnel to pre-approve routine
change orders.
With Advance Authorization, you set the boundaries. Adding components, expanding storage, increasing capacity are all change order categories covered under your Advance Authorization Agreement.
Contact your Customer Success Manager or Sales Director to learn more.
Leave the Patching to CloudWave
Fully-Managed Patching Service for Healthcare keeps you safe
Failing to patch systems on a timely basis leaves your hospital vulnerable to performance slowdowns, regulatory compliance issues, and even worse—the risk of cyber-attacks.
Utilizing the proven CloudCare+ patch maintenance strategy, healthcare enterprises can prevent cyberattacks, performance slowdowns, and regulatory compliance issues.
CloudCare+ solves these challenges with a skilled service team that utilizes a proven process throughout the patching cycle. This enables healthcare IT teams to take a hands-off approach to maintenance while CloudWave keeps the environment compliant and secured against cyber threats.
Learn More About the Cybersecurity Insider Program
Sign up today for the Cybersecurity Insider Program to join a community where you can regularly access free healthcare cybersecurity education and get alerted to threat intelligence gathered by our Cybersecurity Operations Center team. You will also have the opportunity to network with your peers to hear about their cybersecurity successes.
Sign up now to get access to all 2023 and 2024 on-demand webinars, and then plan to join us for the next live webinar on October 31 at 2 p.m. ET.
The October webinar topic is: A Candid Conversation with a Hacking Expert and Everything You Need to Know About Effective Pen Tests
Back by popular demand, we will be joined by Hector Monsegur, a former hacker, to share insights into how attackers plot against hospitals to exploit vulnerabilities. With other experts from our team, we will discuss the different types of Pen Tests, which types are more effective at uncovering vulnerabilities hackers exploit, and how you can stay one step ahead of potential attacks.
A few highlights of the program include:
- Monthly free cybersecurity education – taking place on the last Thursday of every month—NEXT WEBINAR IS THURSDAY, 10/31 at 2:00 pm ET
- Ongoing alerts to high-risk cybersecurity threats with recommended actions
- Access to a private YouTube channel (you’ll get immediate access upon program registration)
- Access to a private LinkedIn Group
- Exclusive access to special events
- Annual group Tabletop Simulation
Meet Gian Guerra
Cybersecurity Analyst
Many CloudWave employees have spent their careers in healthcare IT.
As a Cybersecurity Analyst for CloudWave’s CTOC (Cybersecurity Tactical Operations Center) team, Gian Guerra identifies, analyzes, and responds to cybersecurity threats in hospital infrastructure environments.
Gian started his career in information technology at 16 as a Network Engineer Intern at Commvault. He also worked as an IT Security Analyst at Drexel University in Philadelphia.
His interest in information technology and networking led him to pursue a career in cybersecurity, which brought him to CloudWave in 2021.
When not at CloudWave, Gian enjoys traveling to different countries and exploring new cultures. He studied abroad in France and has visited numerous times.
“I enjoy French culture and cuisine.”
Also a big sports fan, Gian follows soccer teams Manchester City in the Premier League in England and New York City FC in the Major League Soccer (MLS) league here in the United States.
When asked what he likes most about working in healthcare, Gian believes that helping to ensure healthcare providers can operate safely and efficiently is “incredibly fulfilling.”
“The combination of innovation and security in this field allows me to contribute to solutions that directly enhance patient care and safety. I’m proud to be a part of it.”