Healthcare and Cybersecurity: Take Action Now; Don’t Wait for a Master Plan



Category: Healthcare

**This post was originally published on IronBow’s Blog, here.

For many industries, business pressure is such that technology innovations might get deployed before any thorough security assessment gets conducted. It’s never on purpose, but the omission is mostly due to limited resources or budget constraints and pressure from the business to meet the demand of a competitive market. The best example is BYOD: many of us access business assets on devices that are either not protected or are outside the control of our IT organization.

Healthcare is a great example of an industry that finds itself at the crossroads of much needed technology innovations and improved security:

  • New applications, EMRs and others are being deployed and interoperability between these systems within the same facilities and with business partners is becoming a requirement
  • Mobile devices – smartphones, tablets and laptops – are getting more commonly used to improve access to systems anytime and anywhere
  • A new generation of digital medical devices is emerging to monitor and collect patient data in a digital form
  • Last fall, the Washington Post provided examples of security breaches (Health Care Sector Vulnerable to Hackers) that were mostly the result of new technology and applications.

What can be done? To healthcare network and security professionals, it can be a daunting task especially if you start from a place where your network architecture is mostly flat, with all assets and systems almost treated equally from a security standpoint.

You can opt to maintain the status quo while you build a master security plan that will never get executed. Or, starting today, you can take action and progressively put your organization in a much better position. Here is the first recommendation: get a better understanding of your network traffic.

Nobody will argue that for heavy-loaded areas of your network that carry access to critical applications, you cannot introduce any risk of disruption. A completely transparent, non-disruptive step is to deploy a next-generation firewall in tap mode and start analyzing traffic. Many customers have told us that it gave them immediate visibility into all traffic and allowed them to craft an informed and pragmatic plan to improve security. They gained visibility into:

  • The full range of applications and systems running on their network, business critical, authorized, known and unknown
  • Bandwidth required to support business critical applications by time of day or any other criteria
  • Bandwidth consumed by applications used by employees for personal purposes. In many cases, working with employees allowed for this “tolerated” traffic to be minimized and enabled security teams to refocus all resources and efforts on business critical systems

For a more thorough view of what “full traffic and application visibility” means at Palo Alto Networks, you can download the latest version of our Application Usage and Threat Report. You can easily get the same level of data for your enterprise network and start taking action today.

Got something to say?

Get updates: Unit 42

Sign up to receive the latest news, cyber threat intelligence and research from Unit42


SUBSCRIBE TO RSS