We’ve often discussed health data security breaches here, as well as healthcare network security issues. In fact, with the digitization of the modern world, we’re seeing even more targets emerge.
Consider this: Juniper Research recently pointed out that the rapid digitization of consumers’ lives and enterprise records will increase the cost of data breaches to $2.1 trillion globally by 2019, almost four times the estimated cost of breaches in 2015. This means that the value of protected healthcare information (PHI) and patient data will only continue to increase.
With that in mind, let’s ask a series of important questions: How ready are you to face a very real attack continuum? How well are your ports monitored? How quickly can you stop an attack? Do you even know what data is flowing through your data center?
To answer these questions, healthcare organizations need to take a step back and truly understand the entire attack continuum. There are three critical parts in the attack spectrum: before, during, and after.
Before the Attack
Discover: What are you actually defending? Before the attack, healthcare organizations must know what’s on the network and what needs to be defended.
Enforce: Devices, operating systems, various services, applications, and users all need to be accounted for. What are you actually securing and enforcing on the network?
Harden: From there, organizations need to implement access controls, enforce policies, block applications when needed, and control overall access to assets. All of this helps reduce the “attackable” space within your healthcare network.
During the Attack
Detect: If an attack gets through, how quickly can you detect the intrusion? Are your sensors placed at the right spots within your network? Fast detection is key for the best possible hope of quick remediation.
Block: During an actual attack, and once detection happens, how fast can you block the attacking source? Are you able to lock down ports and places of entry quickly?
Defend: Once an attack is ongoing, you must be able to defend other systems within the environment. Do you have good segmentation policies? How well can you protect other valuable resources on the network?
After the Attack
Scope: Invariably, there may be an attack that’s actually successful. Now what? How quickly can you understand the full scope of the problem? Can you quickly see all entry points?
Contain: After an attack occurs, you must be able to contain and quarantine the threat. At this point, speed is absolutely critical. Your tools should help you gain an understanding of the threat and how to quickly contain it.
Remediate: Not only are you trying to remediate an issue, you’re also trying to get business operations back to normal. All of this will require healthcare network security intelligence which gives you deep insight into the entire threat spectrum, and where remediation is critical.
The only way to create a true healthcare network security architecture is to understand that there isn’t a silver bullet here. Rather, you have to deploy real-world security solutions around the entire attack continuum. This means both at a point in time and continuously. Most of all, these security policies must scale across your network, the endpoint, mobile computing, virtual systems, and the cloud. Remember, the hacking community is a lot more industrialized and economically motivated. Your data is a prize target. To defend against multi-vector threats you must be able to create risk-based policy controls. This means that even if an attack happens, you can contain and remediate it much more quickly. The idea isn’t only to create a good security ecosystem; you also want to create as much intelligence as possible.
New healthcare security solutions are looking at much more than just point-in-time challenges. A next-generation security architecture must look at the entire attack continuum and work proactively to defend against it. Remember, the attack lifecycles now include a timetable of before, during, and after the attack. Each point is critical, and the speed of your response will dictate the outcome and magnitude of the attack itself.
New technologies are now allowing healthcare organizations to create automated threat responses based on very specific network security rules. In creating your own security platform, make sure you know just how secure your network is today, and where you can make improvements.