Risk Never Sleeps Podcast: Episode #144

Title: Code Blue Meets Code Red: Cybersecurity in Scrubs
Host: Ed Gaudet
Guest: Ashini Sarati, CISO at CloudWave
Release Date: October 2, 2025

Episode Overview

In this candid and insightful episode, Ed Gaudet interviews Ashini Sarati, Chief Information Security Officer at CloudWave. With a focus on the unique cybersecurity challenges facing rural and community hospitals, Ashini discusses her journey from chemical engineering to cyber risk leadership, the importance of empathy in healthcare IT, and her vision for advancing solutions in a rapidly-evolving threat landscape. The episode blends practical advice with personal anecdotes, covering resilience, risk-taking, and a shared commitment to patient safety.

Key Discussion Points & Insights

1. CloudWave’s Mission & Rural Healthcare Challenges

• CloudWave’s Focus:

  • Specializes in providing disaster recovery, backup-as-a-service, and a range of security services, especially for rural and mid-sized hospitals.
  • Rural hospitals often lack technical and financial resources to address evolving cyber threats.
  • CloudWave’s role is to “take the burden off them from an IT perspective,” offering both technology and advisory services.
  • Quote:

    “Our job or our goal here is to make sure that they continue to provide the services that they need for their population. But we take the burden off them from an IT perspective...”
    — Ashini Sarati [01:30]

• Virtual Advisory Solutions:

  • Offers policy assistance, virtual CISO (vCISO) services, tabletop testing, and 24/7 security operations.
  • Quote:

    “We help them with policies. We help them with just what we call VCSO services as well... we also help them with just being eyes on glass. We have a security operations center that's 24/7.”
    — Ashini Sarati [02:24]

2. Ashini’s Career Journey

• From Chemical Engineering to Cybersecurity:

  • Entered IT during the dot-com boom, assisting with early HIPAA implementations.
  • Cites mentors and the progression from compliance initiatives to broader security leadership.
  • Quote:

    “I got into security before the word 'cyber' was added to the front of it.”
    — Ashini Sarati [03:00]

• Provider vs. Vendor Perspective:

  • Spent 12 years at a large, multi-state healthcare organization before moving to the vendor side.
  • Empathy for clinicians and understanding workflow realities (e.g., why nurses might struggle with MFA on the floor) guide her solutions approach.
  • Quote:

    “You understand that hey, a nurse may not be allowed to carry a cell phone to do MFA on the floor... it brings a different perspective... you don't want to be the roadblock.”
    — Ashini Sarati [05:02]

3. The Healthcare Security Team Mentality

• Shared Mission, Stronger Together:
  • Advocates for eliminating vendor-provider divides, working as a unified security team.
  • Emphasizes standardizing expectations across all partners.
  • Quote:

    “It takes an entire team on the same side to protect data. It's as simple as that... it's all one team.”
    — Ashini Sarati [06:18]

4. Strategic Initiatives for 2025

• Endpoint and Managed Detection & Response:
  • Pushing advanced endpoint protection (EDR/MDR) for healthcare, moving beyond traditional signature-based tools.
• Security Operations & Automation:
  • Rolling out new Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) capabilities for faster, automated incident responses.
• AI Adoption with Guardrails:
  • Exploring AI-driven reporting and dashboards; cautious approach with clear security guardrails.
  • Quote:

    “We have all the data but using tool sets that have things built in that provide reporting dashboards... I think that would be the few initiatives that we are trying to incorporate.”
    — Ashini Sarati [07:42]

  • On AI:

    “If you don't get on that bandwagon, then you're going to be left behind... But obviously you were trying to make sure that you have guard rails in place because that is a can of worms too.”
    — Ashini Sarati [09:11], [09:20]

5. Personal Passions & Life Balance

• Family and Hobbies:
  • Juggling multi-generational family life, children’s activities, and learning Bollywood and classical Hindustani singing.
• Women in Cybersecurity:
  • Active mentor through Women in Cybersecurity, values ongoing learning.
  • Quote:

    “I try to keep up abreast learning, a lot of learning. So a variety of activities. I don't have one passion. I have so many I can barely have time to keep up.”
    — Ashini Sarati [10:33]

6. Wisdom and Reflections

• Advice to Her Younger Self:

  • “Take risks when you're younger, find your passion when you're younger... Take care of your health because you can have wealth, but if you have wealth without health, it's nothing.”
    — Ashini Sarati [10:57]

• Fun Fact:

  • Loves to cook all kinds of cuisine (remarkably including meat, despite being vegetarian herself).
  • Quote:

    “I do not eat meat, but I can cook any kind of meat you give me. I'll figure it out.”
    — Ashini Sarati [12:36]

• Riskiest Move:

  • Changing careers and repeatedly choosing growth over stability.
  • Quote:

    “I have taken quite a few career risks to actually be where I am.”
    — Ashini Sarati [12:57]

• Desert Island Music:

  • Unapologetically Bollywood.
  • Quote:

    “Hands down, Bollywood... all new, classic, and then that's about it. I don't need anything else.”
    — Ashini Sarati [13:36]

• Advice for New Grads:

  • Stay current on technology, understand healthcare’s specific challenges (old mixes with new tech), connect the dots, and embrace passion.
  • Quote:

    “If you want to be in the healthcare space, keep up with what is going on with the technology in healthcare. There are challenges. Understand the challenges... and then just enjoy what you do, have a passion for it.”
    — Ashini Sarati [13:59]

Notable Quotes & Memorable Moments

• On Collaboration:

  “When it comes to security, it’s all one team. You cannot manage security by... having those blinders on. You got to have to have the big picture.”
  — Ashini Sarati [06:18]

• On Taking Risks:

  “Maybe you'll fall once, you'll fall twice, but if you find the right passion, then whatever you do in life... you’ll never feel like it's work.”
  — Ashini Sarati [10:57]

• On AI in Healthcare:

  “Obviously you were trying to make sure that you have guardrails in place because that is a can of worms too.”
  — Ashini Sarati [09:20]

Timestamps of Key Segments

• [01:11] CloudWave’s mission and support for rural hospitals
• [02:24] Security services & virtual advisory offerings
• [03:00] Ashini’s unique path to cybersecurity
• [05:02] Empathy and innovation driven by provider-side experiences
• [06:18] Team mentality in healthcare security
• [07:42] Upcoming initiatives: EDR/MDR, SOAR, AI
• [09:40] Family life & personal interests; Bollywood music passion
• [10:33] Mentoring through Women in Cybersecurity
• [10:57] Advice to her younger self about risk and health
• [12:36] Culinary talent and approach to cooking
• [12:57] Riskiest career moves
• [13:59] Advice for new grads entering healthcare cyber

Tone & Takeaways

The tone is practical, warm, and conversational, with an undercurrent of resilience and genuine care for both patients and IT colleagues. Ashini’s advice is both actionable and inspiring—with a persistent message: take risks, foster teamwork, and always keep learning.

Ed Gaudet’s questions guide the conversation with empathy and curiosity, ensuring the discussion stays accessible and directly relevant to those working at the intersection of healthcare and cybersecurity.

Summary by Risk Never Sleeps AI