Page 130 - CDM-CYBER-DEFENSE-eMAGAZINE-December-2018

According to Verizon’s 2018 Protected Health Information Data Breach Report (PHIDBR), 70% of
            incidents involving malicious code were ransomware infections and a whopping 58% of incidents involved
            insiders.

            While an internal breach could be just employee curiosity and may not always be malicious, it leaves
            sensitive data open to misuse. Unauthorized internal access to patients’ personal information provides a
            convenient means to commit fraud of various types. Regardless of the intent of the breach, securing data
            should be of prime concern to any healthcare organization.



            Taking a Zero Trust Approach to Security

            Most healthcare organizations have traditional cyber security systems which rely on protecting the
            perimeter using firewalls, while assuming all communication within the network is safe and authorized.

            Threat actors are taking advantage of this assumption and using sophisticated attack vectors – like
            phishing, fileless malware, ransomware, zero-day attacks – to enter the network. Once inside, they’re
            able to remain undetected for months since security operators have very little visibility of East-West traffic.
            Apart from hackers, the high percentage of internal threats from employees is also a looming security
            concern.


            In the event of a breach, a healthcare organization stands to lose not only their patients’ personal and
            financial details but also private and sensitive data like:

                 Medical history
                 Social Security/National Insurance numbers
                 Medical device or serial numbers
                 Biometric data
                 Full facial photographic images or images that have unique identifying characteristics
                 X-rays and diagnostic images

            To defend against external and internal threats, the most reliable course of action is to implement a zero
            trust security architecture. The zero trust security concept is based on the premise that no connection is
            trusted unless it has been explicitly allowed.

            Adopting zero trust security marks a paradigm shift from reactive to proactive security, wherein the goal
            is to prevent the breach rather than ‘react’ after it has happened.
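
The premise above (no connection is trusted unless explicitly allowed) as an added example that is not part of the original article: a default-deny check over constructed East-West flow records. The rule format, addresses, workload roles and function names are assumptions made for illustration.

```python
import ipaddress
from collections import Counter

# Explicit allow rules (constructed): (source net, destination net, protocol, destination port).
ALLOW_RULES = [
    ("10.10.1.0/24", "10.10.2.10/32", "tcp", 443),   # clinician workstations -> EHR front end
    ("10.10.2.10/32", "10.10.3.5/32", "tcp", 5432),  # EHR front end -> patient database
]
INTERNAL = ipaddress.ip_network("10.10.0.0/16")  # assumed internal address space

# Constructed flow records, one per line: "src dst proto dport"
SAMPLE_FLOWS = """\
10.10.1.23 10.10.2.10 tcp 443
10.10.2.10 10.10.3.5 tcp 5432
10.10.1.23 10.10.3.5 tcp 5432
10.10.1.40 10.10.1.23 tcp 445
10.10.1.23 10.10.3.5 tcp 5432
"""

def parse_flow(line):
    src, dst, proto, dport = line.split()
    return ipaddress.ip_address(src), ipaddress.ip_address(dst), proto.lower(), int(dport)

def is_allowed(flow, rules=ALLOW_RULES):
    """Default deny: a flow passes only if some rule explicitly matches it."""
    src, dst, proto, dport = flow
    return any(
        src in ipaddress.ip_network(s) and dst in ipaddress.ip_network(d)
        and proto == p and dport == port
        for s, d, p, port in rules
    )

def denied_east_west(text, rules=ALLOW_RULES):
    """Count internal-to-internal flows that no rule allows."""
    denied = Counter()
    for line in text.splitlines():
        if not line.strip():
            continue
        flow = parse_flow(line)
        src, dst, proto, dport = flow
        if src in INTERNAL and dst in INTERNAL and not is_allowed(flow, rules):
            denied[(str(src), str(dst), proto, dport)] += 1
    return denied

if __name__ == "__main__":
    for flow, count in denied_east_west(SAMPLE_FLOWS).most_common():
        print(count, *flow)
```

In the sample, a workstation reaching the database directly and workstation-to-workstation SMB are both internal traffic that a perimeter firewall would never see, and both are denied because no rule names them.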



            How Zero Trust Security Can Make a Difference

            To create a zero trust network, healthcare organizations cannot depend only on network-level
            segmentation which uses VLAN/ACLs and internal firewalls. Maintaining access control lists and updating
            thousands of firewall rules on a regular basis in a dynamic business environment is cumbersome,
            operations-intensive, and error-prone – not to mention the high cost of maintenance and upgrades. Lack
            of East-West traffic visibility is also a major issue with hardware-centric segmentation.





