How to Fight the Most Dangerous Security Threats to Patient Data Using Zero-Trust

Protecting patient data is becoming more and more difficult, but the zero trust approach enables  healthcare organizations to adjust their cybersecurity politics, rendering them more flexible.

The term “big data” describes huge complex volumes of ever-increasing information processed through digital technologies for use in several fields of endeavor. Big data has found use in government, banking and finance, technology, fraud detection, social media analytics, agriculture, call center analytics, marketing, telecommunications, and healthcare.

The medical sector appears to be behind others in the adoption and application of big data, mainly due to resistance from healthcare providers. Access to new information is beginning to see big data gain a foothold in the healthcare industry. However, this brings new concerns, especially related to data security against cybersecurity attacks.

ECRI, an independent, nonprofit organization offering tech solutions and evidence-based guidance to healthcare decision-makers worldwide, named cybersecurity attacks as the top health technology hazard for 2022 in its annual report,  released on January 18th. But why is that the case?

Data Is Everywhere, so Trying to Ensure Its Safety Is a Constant Challenge

The patients are now more and more connected to the healthcare system. In the last four decades, wearable technologies designed to help patients and doctors evolved constantly. Nowadays, wearables and remote patient monitoring devices allow patients and healthcare providers to establish a more continuous model, and the amount of data thus gathered keeps on growing, becoming more difficult to keep safe and also more valuable on the black market, which leads to ransomware attacks being on the rise and making data security imperative for healthcare organizations.

Keeping healthcare data safe has become more and more difficult in recent years, because the number of users who can now access such data has been growing exponentially, people being able to access data from virtually anywhere and on any device. And, since providers adopt cloud services — sometimes without the supervision and knowledge of IT teams — data ends up scattered across different platforms, to the point where no one is sure where it all resides.

As a result, data is everywhere, so trying to keep it safe becomes a constant challenge.

The zero-trust approach to security has appeared to help healthcare organizations keep  patient and enterprise data safe in these new conditions. Zero trust basically means there is no implicit trust involved, and every request for access to data or applications is validated to make sure who wants access and what for. “Zero-trust network access creates a condition where everything has its own perimeter,” says Jeremy Weiss, executive security strategist for CDW. “This is true for both authorization and authentication.”

Healthcare Has to Face New, More Complexe Threats Every Day

For now, according to the 2021 HIMSS Healthcare Cybersecurity Survey”, only 8 percent of the surveyed healthcare cybersecurity professionals reported they have implemented zero-trust solutions comprehensively (100 percent) across their organization, while others said they implemented said solutions, but to a lesser degree. Zero-trust is still gaining traction within healthcare, the security improvements it offers making it a more and more desired option for health IT teams on a quest for the best way to keep patient data and workloads safe. The main attraction of this solution seems to be simplicity. 

“The real value is that zero trust tends to be software control,” says Buck Bell, who leads CDW’s Global Security Strategy Office. “This simplifies deployment as well as policy management. You can centralize policy and deploy it broadly.”

Security measures such as zero-trust are needed because cybersecurity threats are growing each year, becoming more and more acute. Since cybercriminals are well funded and organized, they are able to carry out more complex and dangerous attacks. Social engineering attacks, for instance, are pinpointing what is important for a specific target and adjust their threat accordingly, to make sure the target either clicks on a link or opens an attachment to activate the attack. 

Since IT attacks, such as ransomware, have become very lucrative, cybercriminals are becoming better and faster by the minute, taking advantage of all and any weak points a system has. For example, within hours of reports in December 2021 of a security flaw in the Log4j2 Java logging library, security professionals observed more than 100 attempts to exploit the vulnerability every minute.

Organizations have to face not only cybercriminals, but also state-sponsored cyberattacks, meant to show any weaknesses within their systems. Well funded, trained and coordinated, government-backed hackers try to compromise data and applications. 

Cybercriminals are getting better and faster computers, while using cloud-based tools such as Ransomware as a Service, so they become not only better in their attacks, but also in covering their tracks. 

What Can Be Done to Keep Patient Data Safe

In order to be prepared to face these threats, healthcare organizations have to become better  at cyberdefense, zero-trust being an important part of the protection strategy. 

In the effort to implement zero-trust, there are some simple steps healthcare organizations can take to get the process started. The current security situation the organization is in needs to be assessed first, to help executives and IT professionals understand which are the weak spots, how to prioritize securing them and which security controls are already in place.

Then, another main element of the zero-trust initiatives is to clearly verify a user’s identity. In order to be able to do that, many organizations implement multifactor authentication tools, as well as security controls to check user behavior.

“Organizations should have a clear picture of who has access to what data at any given time,” Weiss says. “This is a major challenge.”

The zero-trust solution to improve system security means enforcing security policies concerning services and applications, and using encryption and microsegmentation, while increasing flexibility to help healthcare organizations face ever increasing cybersecurity threats. And even though foreseeing every threat is impossible, as Weiss says, “zero trust is important because it helps prevent lateral movement by threats”, in a security environment where one can rarely avoid unauthorized access to some assets, which makes these controls essential to ensure cybercriminals cannot easily move inside an organization’s network.