From hindsight to foresight: SASE moves the needle on healthcare cybersecurity

The past few years have been particularly dire for the healthcare industry. The entire industry has been asked to adapt the way they deliver patient services in response to pandemic stay-at-home orders and new patient telehealth expectations. Cybercriminals saw this changing landscape as an opportunity to inflict relentless hacking and IT security destruction, leaving many organizations on their knees, desperate to defend their network perimeter and keep cybercriminals at bay.

Understanding the threats

Ransomware is a well-known and significant hazard to the confidentiality, integrity and availability of information. When a system or a device is infected by ransomware, files and other data are typically encrypted, access is denied and payment is demanded in order for data to be returned to the user. Even then, paying the ransom is not a guarantee that this critical information will be restored.

In addition to ransomware, there are other types of malware that pose a serious threat to healthcare organizations. Such situations can leave information fully erased and data unrecoverable. Cybercriminals can be found using off-the-shelf malware (e.g., phishing kits, trojans and customizable Microsoft files). But as criminals become more unconventional and sophisticated, they can complement these off-the-shelf tools with sophisticated manual hacking techniques that can rob any organization blind.

The question, then, is: If cybercriminals are evolving their capabilities and using better technology to take advantage of those who are most vulnerable, why aren’t healthcare organizations doing the same to properly defend themselves?

Next-era security solution

Ideally, every healthcare organization should already have basic and advanced security controls in place. Doing so will ensure that there is a plan for defense, such that if one control or system fails, another will take its place. But with a host of connected devices, applications, vendors and employees, it has become more challenging than ever to provide continuous, real-time monitoring and protection to their networks. 

SD-WAN and managed security solutions have been proven to simplify and centralize the management of network security. Companies rely on a various assortment of access controls like Secure Web Gateways (SWGs), Firewalls-as-a-Service (FwaaS) and Cloud Access Security Brokers (CASBs), in addition to threat prevention through Next Generation Antimalware (NGAM) and Intrusion Prevention System (IPS). Yet it wasn’t until very recently that a new model came to the table, offering a way to seamlessly converge all of these network and security services into one unified cloud solution. This new model is called Secure Access Service Edge (SASE). 

How does SASE work?

SASE offers a range of benefits for healthcare, including reduced exposure to security risks and faster access to mission-critical applications for users away from the central location (e.g., a hospital or office building). For healthcare, this will look like:

• Increased business agility to support the modernization of networks and security infrastructures, allowing for the quick adaption to new challenges, such as the pandemic.
• Enhanced productivity from healthcare employees, now working hybrid roles, and protection for those employees regardless of location. 
• Relieved IT staff and resources that have been overloaded in an attempt to deliver best practices for security policies, provisioning and continuous monitoring. 
• Strengthened business continuity and resilience through network and security virtualization, improving the ability to provide quick, seamless and secure patient care. 
• Guaranteed regulatory compliance for HIPAA, PCI and SOC 1-3.

Switching to SASE, STAT

Adopting SASE in a healthcare setting doesn’t require a sudden, wholesale transition. There are different starting points for deploying a SASE architecture, whether it be migrating applications to the cloud, increasing bandwidth for business-critical apps or implementing better security solutions to enforce security policies and encrypt data across the network.

In doing so, many healthcare organizations are implementing SASE by default, even if they aren’t using the term to refer to their network and security strategy. But by creating awareness of this new cloud architecture, SASE can go beyond converging networking and security by helping drive innovation for healthcare providers by delivering highly secure and efficient experiences for their end users.