Zero-Trust Approach in Healthcare Cybersecurity


Protecting healthcare organizations from cyber-attacks can be a matter of life and death. Healthcare organizations are vulnerable to a range of cybersecurity threats that demand extra vigilance.

The WannaCry global ransomware attack was arguably the first major wake-up call to healthcare providers worldwide. Last October's ransomware attack on the Israeli Hillel Yaffe Medical Center in Hadera, which took down the computer systems and resulted in heavy delays in treatment and the diversion of patients to alternative facilities, has raised concerns regarding the security of all medical facilities in Israel.

Medical organizations are looking for new ways to deter ransomware attacks, safeguard sensitive protected health information (PHI), and prevent costly and potentially life-threatening downtime. 

The zero-trust security model is fast filling that role for medical cybersecurity. The view that every access point to a network is inherently untrustworthy helps healthcare organizations develop a compliance-first, intelligent and frictionless approach to cybersecurity, according to darkreading.com. 

First and foremost, protected health information must be carefully guarded. Healthcare organizations in the US need to comply with various regulations, including the Health Insurance Portability and Accountability Act of 1996 (HIPAA). At the same time, PHI is also increasingly valuable to cybercriminals, much more so than credit card data. Successful cyberattacks that steal this type of data can be lucrative for criminals.

The number of vulnerable attack surfaces increases as healthcare organizations adopt cloud-based applications and services to simplify IT operations, increase clinician productivity, and improve patient care and outcomes. More organizations and physicians are embracing telehealth visits and remote patient monitoring using internet-connected sensors. Growing reliance on third-party providers and outsourced staff makes identity and access management difficult to implement.

The US National Institute of Standards and Technology (NIST) Zero Trust Framework assumes all users, endpoints and workloads are inherently untrustworthy, whenever and wherever they access enterprise resources or applications.

Under this security model, users are authenticated, authorized and validated independently of network borders. With zero trust, the goal is to decrease attack surfaces, make more context-aware decisions that support greater and more accurate response automation, and restrict lateral movement if a resource is compromised.

A simplified zero-trust approach needs to be frictionless, both for end-users — such as physicians and other care providers — and for IT professionals. It needs to keep an eye on the various layers where an intrusion can occur: the endpoint, the identity, the network or the data layer. If a breach does occur, the zero-trust approach works to limit the attack surface. 

Healthcare organizations can implement zero trust in phases and address urgent requirements as quickly as possible. They can first gain a holistic view of all users and assets, including all on-premises and cloud-based workloads and identities. They can then deploy advanced artificial intelligence-based threat detection and prevention capabilities to defend against ransomware attacks. Covering legacy applications and optimizing user productivity can come after that.