healthsystemCIO.com Anthony Guerra

Whereas AI has some excessive enthusiasm around it (especially in the clinical realm), automation is a no-brainer. Well, not exactly. That’s because — though automation may work magic when done on the right workflow, at the right time, and in the right way — getting all three right (without understanding some nuances) is a long shot. In this practical and timely webinar, we’ll speak to leaders about those nuances to give others the best chance of success. With staffing shortages (due to burnout and other issues) on the rise and patient satisfaction all-important, this is one webinar you can’t afford to miss.

Speakers:



* Ash Goel, MD, SVP/CIO, Bronson Healthcare

* Karen “K” Marhefka, Deputy CIO, RWJBarnabas Health

* Ross Stoddard, Chief Strategy Officer, Simetria Health

On most days in cyber, it can seem like there are a million things to do. For Jim Kuiphof and his team, that was probably the case in 2022 when Spectrum Health and Beaumont Health merged to become 22-hospital strong Corewell Health. Of course, there was much foundational work to be done, but Kuiphof notes that sometimes there are even more important fires to put out before one can turn to big picture projects like org charts. It’s an important concept in cyber – a risk-based approach to deciding what must come next; where the team and its resources should be focused – and getting it right is absolutely key to success. In this interview with healthsystemCIO Founder & Editor-in-Chief Anthony Guerra, Kuiphof discusses the keys to prioritization in cyber, the Jim Collins-concept of getting the right people on the bus and into the right seats, and the salient attributes he’s looking for in team members.



LISTEN HERE USING THE PLAYER BELOW OR SUBSCRIBE THROUGH YOUR FAVORITE PODCASTING SERVICE. 



Bold Statements

I’ve used the analogy that you have rowers, you have sitters, and you have hole drillers in your boat.

I don’t need you to create the vision, I need you to be able to listen, learn and articulate a vision. Say back statements, understand how well they can synthesize complicated data and repeat it back in a simple way, engage an audience, and be able to communicate through multiple means – instant message, face to face, virtually, in front of a crowd, whatever it is – role dependent, obviously. So communications leadership is one important thing.

It’s actually not so much when you get the job done; it’s are you getting the job done? And are you communicating about when you’re probably going to be getting it done? That’s more important to me. That’s an aspect of individual accountability and discipline that really goes beyond a generational thing.

Anthony: Welcome to healthsystemCIO’s interview with Jim Kuiphof, Deputy CISO at Corewell Health. I’m Anthony Guerra, Founder and Editor-in-Chief. Jim, thanks for joining me.

Jim: Thanks for having me, Anthony.

Anthony: Great, Jim. Why don’t you start off by telling me about your organization and your role?

Jim: Sounds good. Corewell Health is the newly formed, about two years ago, health system as a result of a merger between Beaumont Health in the Detroit area and Spectrum Health in the Grand Rapids area. Those two systems came together to form what is now the largest health system and actually the largest employer in the state of Michigan.

My role is the Deputy Chief Information Security Officer and Head of our Cyber Fusion Center. I have two jobs, one is right-hand man to my boss, the CISO (Scott Dresen), so I got to do a lot of the executive, forward-looking strategy planning, chief of staff type of work, and then the day-to-day job is to head up the teams that track threats, build preventions, detections, respond to threats, minimize our attack surface, do some analytics for us and internal consulting work across the entire system.

Anthony: Tell me a little bit about this Cyber Fusion Center. What’s that all about?

Jim: It’s an evolution. This is one of the final steps in this evolution when I started 8 years ago. Actually, it’d be 9 years ago at the end of this month. We had a limited capability to do detection and response. Cyber resilience and response is the name of the team. Over the years, we’ve added additional services. We call services ‘standard work,’ standard process, standard ways of doing things.

It’s the key question all CISOs have to ask themselves – especially those at small- to mid-sized organizations whose cyber teams run in the single digits as opposed to hundreds: how do I operate so as to get the biggest bang for my limited buck? For Blaine Hebert, VP and CISO at Yuma Regional Medical, it’s all about picking a cyber framework and sticking to it. In doing so, he says hospitals and health systems will, by default, focus on key foundational issues – the blocking and tackling whose neglect is often the root cause of so many breaches. But it doesn’t stop there, Hebert also recommends building relationships with key users before an incident to facilitate business continuity – ‘you don’t want to get introduced for the first time during a breach,’ he advises. In this interview with healthsystemCIO Founder & Editor-in-Chief Anthony Guerra, Hebert covers these issues and many more.



LISTEN HERE USING THE PLAYER BELOW OR SUBSCRIBE THROUGH YOUR FAVORITE PODCASTING SERVICE. 



Bold Statements

There’s a tendency in healthcare – and probably other industry verticals – to focus on the new shiny thing in cyber, and I think we miss the boat if we don’t just stick to the foundational issues.

In healthcare today, unfortunately, CISOs are really still not given a seat at the big table. They are still relegated to a direct report – it could be the CIO, CTO, whatever the case may be. I think there are not enough CISOs that are given board-level visibility.

To me, my part as a CISO is I’ve got to have that pre-coordination effort done. I need to know all those people by name, have coffee with them, get to know them, let them know I’m here to support them.

Anthony: Welcome to healthsystemCIO’s interview with Blaine Hebert, VP and CISO at Yuma Regional Medical Center. I’m Anthony Guerra, Founder and Editor in Chief. Blaine, thanks for joining me.

Blaine: Great to be here, Anthony. Thanks for having me.

Anthony: Good. Looking forward to having a fun chat. You want to start off, Blaine, by telling me about your organization and your role?

Blaine: I’m the VP and CISO at Yuma Regional Medical Center in Yuma, Arizona, been there approximately a year now. We’re a 400-bed, not for profit hospital. Pretty small cyber team. I’ve got four direct reports that fall underneath me. I’m the first CISO that Yuma Regional has had. Prior to that, they had some virtual CISOs that were supporting the organization.

Currently, we’re a one-hospital system there. Really, the only regional medical center between San Diego and Phoenix, so quite a large population here that we support.

Anthony: Very good. I want to start out with the open–ended question and just see what’s on your mind. What are some of the trends that you’re watching? Either things you’re working on or trends you’re watching, just what’s top of mind right now?

Blaine: Well, I don’t think there’s a CISO in our industry that doesn’t lose sleep over ransomware. That’s probably the number one ticket item. Then, AI is really in the forefront right now. We’re trying to get our arms around some governance structure for AI and doing some good things there. Really, first and foremost for me is just making sure that we’re doing the standards and the foundations right at Yuma Regional.

There’s a tendency in healthcare – and probably other industry verticals – to focus on the new shiny thing in cyber, and I think we miss the boat if we don’t just stick to the foundational issues. That’s so evident now that Change Healthcare thing came out and sh...

With so many new technology solutions hitting the market, it’s becoming increasingly common for health systems to add accelerator or incubator programs to separate the wheat from the chaff. Because although there are many brilliant ideas, there’s often a lack of understanding when it comes to workflows and other challenges, according to Craig Kwiatkowski.

The Cedars-Sinai Accelerator, established in 2022, aims to address this “knowledge gap” by granting access to end users, stakeholders, and thought leaders throughout the organization so they witness firsthand how care is delivered. It’s one reason why the reason the program has already counted several success stories, he said. Another is the fact that the Accelerator is extremely selective, focusing only on products that “scratch an itch or solve a problem.”

During a recent interview, Kwiatkowski spoke with Kate Gamble, Managing Editor and Director of Social Media, about the many initiatives his team has in place to improve efficiency and quality for providers and patients at Cedar-Sinai, an academic organization serving more than 1 million individuals across the Los Angeles community. He shared insights on the “major overhaul” of ERP systems that will help centralize services; the three-pillar AI governance structure his team has created; and the unique experience he gained during his time as a pharmacist.

LISTEN HERE USING THE PLAYER BELOW OR SUBSCRIBE THROUGH YOUR FAVORITE PODCASTING SERVICE. 



Bold Statements

Our focus is on reducing friction, improving efficiency, and simplifying things where we can, and there is certainly no shortage of opportunities and possibilities to do just that.

It was a really nice win for the organization; more of an operational transformational project that included a number of business process changes and other efficiency opportunities. And of course, technology is the enabling piece that sits underneath that.

We’ve spent the better part of the last 10 to 15 years implementing EMR and EHR technology and really focusing on the clinical solutions and tools that are so fundamental to the work that’s being done. I think that has come at the expense, in many cases, of focusing on ERP and other administrative or back-office solutions.

We try not to create bespoke technology solutions that the companies are going to have a challenging time deploying and scaling outside of Cedars. We’re helping think about what will work broadly and be forward thinking as they’re deploying their products moving forward.

Innovation is often easier than adoption. I think that’s particularly true in healthcare.

Safety in particular is something I’ve always been very passionate about. I think it connects very well to the way in which we try to serve the organization from a technology standpoint and the importance of the work we do.

 

Q&A with Craig Kwiatkowski, SVP & CIO, Cedars-Sinai

Gamble:  Thanks so much for taking some time to speak. I appreciate it. I want to talk about your core objectives, particularly in terms of driving innovation. Let’s start with a high-level overview of Cedars-Sinai. Can you talk about where you’re located, what you have in terms of hospitals, things like that?

Kwiatkowski:  Sure. That’s a good place to start. Cedars-Sinai Medical Center is a non-profit academic medical center with about 900 beds. We provide a wide range of services in the Los Angeles area with a number of different specialty programs, including cardiology, ortho, neuro, GI, cancer, and women’s health, many of which are highly regarded.

In addition to the main campus,

You might think a former drill sergeant turned CISO would lead with a ‘my way or the highway approach,’ but for Terry Grogan, VP of IT Assurance & CISO at Tower Health, that couldn’t be further from the truth. That’s because, according to Grogan, such leadership will only see you followed when seas are calm, but when the storm strikes, teams look to rally around those who they know have their best interests at heart. And Grogan shows that sentiment by embracing a “see something, say something” mentality where users are encouraged to “tell on themselves” if they accidentally give up their credentials to some kind of compelling scam. In this interview with healthsystemCIO Founder & Editor-in-Chief Anthony Guerra, Grogan covers these issues, where most attacks are coming in, and why she sometimes embraces a ‘lock it down and ask questions’ later dynamic.



LISTEN HERE USING THE PLAYER BELOW OR SUBSCRIBE THROUGH YOUR FAVORITE PODCASTING SERVICE. 



Bold Statements

We’re looking for lateral movement, looking for command and control, impersonation of users, escalation of privileges. And you need multiple log sources to stitch that picture together. It can’t be just what’s happening on the endpoint anymore.

I believe our users have gotten much more willing to tell on themselves, because we make it far less painful for them to get back into the system and back to work.

… what I do is automate on the side of caution. So I’ll lock a machine or a user out with an automation based on hitting certain roles. Whether I’m wrong or not, it doesn’t matter. I’d rather say, ‘I’m sorry, I didn’t mean to lock you out,’ than to not have taken that quick action if it really was something important.

Anthony: Welcome to healthsystemsCIO’s interview with Terry Grogan, VP of IT Assurance and CISO at Tower Health. I’m Anthony Guerra, founder and editor-in-chief. Terry, thanks for joining me.

Terry: Hey, thanks so much, Anthony, for having me. I really appreciate the opportunity.

Anthony: All right, very good. Thank you. Terry, can you tell me a little bit about your organization and your role.

Terry: Tower Health is a 3-hospital health system. We also have, in addition to Reading Hospital, there’s Phoenixville and Pottstown Hospital, and we also have a joint effort with St. Christopher’s Hospital for Children in Philadelphia. We have about 18,000 users. We have Community Connect sites. We have medical groups, specialty practices. So it’s a typical mid-sized health care system. I am the chief information security officer here for all of Tower.

Anthony: Excellent. Thank you for that. Let’s start open-ended here, Terry. What’s on your mind? What are some of the trends you’re looking at, things you’re watching, just top-of-mind stuff, and we’ll go from there.

Terry: As I’m sure you’re aware if you’ve talked to any other healthcare CISOs, we are a very targeted group of entities. I constantly watch the news and see my peers deal with attacks. I look at our logs and see us being attacked on a daily basis. I have a lot of the same attacks that others look at, phishing, obviously is a big one. But interestingly, we’re getting a lot more attacks outside of normal phishing emails, which seem to be not as effective anymore for threat actors. Impersonations have been a big problem for me recently. And we have upped our identity questions when we try to positively identify folks for password reset or especially for changes to their multi-factor authentication.

We’ve caught several threat actors impersonating ...

Recent industry-shaking events have made it clear that serious points of risk lurk throughout healthcare. They’ve also revealed that operational risk and IT security risk are deeply intertwined, making it incumbent for CISOs and CIOs to work with others in their health systems – from the chief risk officers, to clinical leaders, to emergency management – to help develop a joint picture of third-party risk that analyzes the implications of losing services not only from a cyber outage, but for any reason. In this timely webinar,  we’ll speak to leaders who are committed to going back and reviewing key third-party service providers through the lens of recent learnings so appropriate levels of total risk can be assigned, and plan Bs can be developed.

Speakers:



* Chris Akeroyd, SVP/CIO, Children’s Health

* Vince Fitzpatrick, Director of Information Security, Christiana Care Health System

* Chris Bowen, CISO/Founder, ClearDATA