New Cyber-Defense Strategies for Healthcare Security
In the healthcare industry, cyber-defense systems must continually evolve to keep pace with the ever-changing threats posed by computer hackers and malicious software attacks. This ongoing game of cat-and-mouse makes it hard for us CISOs to keep our defense postures up to date, or even to stay knowledgeable about the newest security products on the market.
To address this challenge, I recently invited several of my industry peers to meet with some of the most cutting-edge security startups in Silicon Valley in search of some new solutions. This unique CISO-VC Briefing Program was organized by our technology partner Trace3, which has built up strong relationships with many of the Valley’s most prominent venture capital firms and their portfolio startups.
I was joined by my IT security colleagues from Scripps Health, Millennium Health, NuVasive, Ringcentral and Bank of the Internet. Many of us are members of the San Diego CISO Roundtable, a tight knit community of local security executives, while a few participants presented a unique Northern California/Southern California CISO networking opportunity. We all grapple with the same challenges, yet we don’t view information security as a competitive advantage. In fact, we try to help each other by sharing updates about the latest types of attacks and the newest security strategies.
Visiting with Security Startup Leaders in Silicon Valley
Even with the rapid pace of cybersecurity innovations today, the bad actors continue to evolve their threats too. Many of us CISOs still rely on legacy security tools that have been leapfrogged by new types of attacks in recent years, so we need to continually adapt our people, processes and technologies.
Older defense systems such as network firewalls and intrusion detection systems remain important, but they are more easily circumvented today. For instance, firewalls only block certain network entry points, but attackers simply use sanctioned ports in firewalls to deliver their malicious software.
Many of the latest security products take a different approach rather than trying to build a moat around the network, which is no longer effective in this world of cloud computing and mobile computing. Some next-generation technologies incorporate machine learning systems that become smarter over time.
One clever approach is known as user behavior analytics (UBA). This type of software sets up profiles for the expected normal online behaviors of each user. By monitoring all users, the system can detect anomalous behaviors which may be the result of stolen password credentials. Or perhaps such unusual patterns are due to a disgruntled employee who is downloading proprietary company data. Employees with sensitive data access may be detected reaching beyond their authorization and into files they don’t have a legitimate reason to see.
My team at Sharp Healthcare is very interested in adopting UBA to detect such intrusions, and we are planning to purchase a solution in the New Year.
Staying One Step Ahead of the Bad Guys
Another cool new security technique shown at our briefing involved network anomaly detection, which is used to track network traffic for abnormal patterns. For example, when terabytes of financial information start getting downloaded at 3 AM, that event triggers an alert to mitigate a potential breach.
New tools for identity and access management allow IT managers to give employees the mobile reach they need to access data from any device, while still protecting the company’s interests with cloud-based security. In addition, data packet inspection solutions examine the reputations of email senders to thwart any possible phishing attacks.
As a result of the briefing, I also set up meetings with DB Networks and Imperva, makers of database monitoring systems, along with Immuta, a firm that specializes in data security while providing an integrated experimentation platform for data scientists.
Many CISOs and CIOs shy away from buying cutting-edge technologies. Some prefer to instead stick with the big incumbent vendors. However, it’s critical to develop a familiarity and trust for the technologies that today’s leading startups are developing. From a security perspective, this is the only way to stay one step ahead of the next potential data breach.