Zero Trust Architecture: Key Tips to Protect Health Data and IoT
Now more than ever, it’s critical that hospitals and healthcare systems take the necessary precautions to protect their systems and data against cybersecurity threats. For most hospitals and healthcare systems, it’s a question of when, not if, a cyberattack occurs.
Although the Zero Trust security model has been around for about a decade, there are still opportunities for large-scale implementation. In healthcare, some experts say the Zero Trust approach may be the only way to eradicate three looming and growing threats: ransomware, outdated vendor firmware, and insecure services.
After a year of increased cyber attacks on hospitals and healthcare systems, such an approach may be essential to better defend healthcare Internet of Things (IoT) networks, systems and devices against a continuing barrage of sophisticated attacks.
Healthcare IT News interviewed Leon Lerman, CEO and co-founder of Cynerio, a provider of cybersecurity and IoT asset management solutions for healthcare, to talk about the main reasons why hospitals and healthcare systems need to implement a Zero Trust architecture, why Zero Trust is hard to achieve with healthcare IoT, and the four steps of a Zero Trust implementation model in healthcare.
Q. What are the main reasons why hospitals and healthcare systems should implement the Zero Trust architecture?
A. It is well known that the healthcare sector is the primary target of cyber attacks, with increasingly sophisticated and highly motivated malicious actors seeking to exploit human and technological vulnerabilities. Since 2016, ransomware has caused damages of $157 million in healthcare, affecting 90% of healthcare organizations.
Additionally, in the aftermath of the COVID-19 pandemic, we have seen a 50% increase in the number of healthcare-related cybersecurity breaches against hospitals and medical devices, putting these organizations – and the patients they serve every day – in danger.
Medical devices and IoT are arguably the healthcare industry’s biggest weak spot, as connected medical devices – which are an integral part of the Internet of Medical Things – are increasingly used by hospitals. According to Deloitte, around 68% of medical devices will be or will be able to connect to a healthcare system network by 2025.
While connected medical devices are essential to patient care, they are also the most vulnerable to cyber threats. For example, 96% of infusion pumps in healthcare facilities have been affected by the URGENT/11 or Ripple20 critical vulnerabilities in the past year. Additionally, our research has found that over 40% of CT machines are run in an unsafe manner by technicians, which can potentially expose credentials and classified patient data in clear text.
With 50 billion medical devices expected to be connected to clinical systems over the next 10 years, a Zero Trust architecture, which removes the traditional security perimeter and assumes that every user or device on the network could potentially be malicious, is essential to help our healthcare organizations better defend their networks, systems and devices against a continuing barrage of attack techniques. When working with extremely confidential and valuable information, as is the case in a healthcare environment, this approach is probably the only way to root out the looming and growing threats.
Q. Why is zero trust difficult to achieve in the healthcare Internet of Things? How can health CIOs and CISOs meet this challenge?
A. Healthcare organizations face several unique challenges when looking to apply Zero Trust strategies. The main reasons are:
- Reduced visibility. Healthcare facilities often have thousands of medical and IoT devices that are invisible on the network, and that may be unknown to IT and security teams. Additionally, many devices do not support connectivity through standard network protocols, making it difficult to find and manage them.
- Proprietary protocols and lack of authentication. Healthcare IoT devices often run outdated protocols, which can be unauthenticated and unencrypted, and lack basic access controls.
- Default device insecurity. Many devices have inherent vulnerabilities, such as open services with minimal authentication used for remote support, management and monitoring.
- External connections to providers and cloud services. Most devices today need to connect to cloud services or third-party providers to function properly, or to perform maintenance or updates.
Despite these challenges, however, it is possible to achieve a more secure Zero Trust environment without disrupting clinical operations or damaging critical medical equipment.
Q. You said there are four stages of a zero trust implementation model in healthcare. Please specify.
A. That’s correct. Our recommended Zero Trust implementation model consists of four stages.
The first step is to design policies that block unnecessary communications with healthcare IoT devices. Simply put, this means seeking to understand exactly which communications are needed to maintain clinical workflows and medical device functionality, and which are not. Map the devices in your organization and identify the following for each category of devices:
- What other medical devices and servers does this category of devices communicate with?
- Does it need to communicate via the Internet? Is internet communication isolated in a VPN tunnel?
- Does it need to contact the device supplier?
- Does it currently have access to other devices, networks or the Internet, which is not necessary for normal operation?
The second step is to segment the network to contain the attackers in a specific segment. Since connected health IoT devices have many security vulnerabilities, it is important to isolate them from other parts of the network to limit the attack surface. The “network segmentation” phase involves steps such as ensuring that connected medical devices can only communicate with devices or systems that are part of their clinical process and blocking external communications, unless it is required to communicate with a device vendor or other known entity.
The next step is to isolate the risks associated with the services used on individual devices, also known as service hardening. It is important in step three to assess as much as possible all connected medical and IoT devices in order to apply the latest security patches, perform software upgrades, require authentication on all channels of communication, close unused ports and reduce unnecessary device functions.
The fourth and final step is to limit external communications (e.g. with vendors, clouds, etc.) to avoid breaches. Since many of these devices require certain external connections to function properly and are used for urgent patient care, they cannot simply be disconnected from the network or shut down.
Instead, external communications should be kept to the bare minimum required. Therefore, in order to protect your medical and IoT devices:
- Establish monitoring and incident response procedures to identify violations and infections in real time.
- Keep devices functional at all times.
- Take advantage of network segmentation to isolate a device and prevent attackers from communicating with other parts of the network.
- Wait for the planned downtime of the device and take this opportunity to fix or clean the device to eradicate the threat.
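As an added, constructed illustration of how the four-step model above can be turned into something checkable (this is example code written for this page, not Cynerio's software or data): the per-category map of required flows is the output of step one, the segment labels stand in for step two, the vendor allow-list implements step four, and the audit function flags every observed flow that the policy should block so the monitoring procedure in the last list has a concrete signal to work from. The inventory, address ranges, ports and sample flows are all assumed values chosen for the example.

```python
"""Added example: auditing healthcare IoT flows against a Zero Trust allow-list.

Everything below is constructed for illustration (inventory, required flows,
vendor endpoints, sample flow records); none of it is Cynerio's code or data.
"""
from collections import defaultdict
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed inventory: IP -> (network segment, device/server role).
INVENTORY = {
    "10.10.1.5": ("clinical_iot", "infusion_pump"),
    "10.10.1.6": ("clinical_iot", "ct_scanner"),
    "10.20.0.10": ("clinical_servers", "drug_library_server"),
    "10.20.0.11": ("clinical_servers", "pacs"),
    "10.20.0.12": ("clinical_servers", "ntp"),
    "10.30.0.7": ("corporate", "workstation"),
}

# Step 1 (policy design): per device category, the (destination role, port)
# pairs its clinical workflow actually needs. Everything else is unnecessary.
REQUIRED_FLOWS = {
    "infusion_pump": {("drug_library_server", 443), ("ntp", 123)},
    "ct_scanner": {("pacs", 104), ("pacs", 11112), ("ntp", 123)},
}

# Step 4 (limit external communication): the only external endpoints a category
# may reach. 203.0.113.10 is a documentation-range placeholder, not a real host.
VENDOR_ALLOWLIST = {"infusion_pump": {"203.0.113.10"}, "ct_scanner": set()}

# Constructed: the hospital's internal address space.
INTERNAL_NETS = [ip_network("10.0.0.0/8")]


@dataclass(frozen=True)
class Flow:
    src_ip: str
    dst_ip: str
    dst_port: int


def is_internal(ip: str) -> bool:
    addr = ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)


def classify(flow: Flow) -> tuple[str, str]:
    """Return (verdict, reason) for one observed flow from a managed device."""
    src = INVENTORY.get(flow.src_ip)
    if src is None or src[1] not in REQUIRED_FLOWS:
        return ("review", "source is not a managed IoT device category")
    _, category = src
    dst = INVENTORY.get(flow.dst_ip)
    if dst is None:
        if is_internal(flow.dst_ip):
            return ("block", "internal destination missing from inventory")
        if flow.dst_ip in VENDOR_ALLOWLIST.get(category, set()):
            return ("allow", "approved vendor endpoint")
        return ("block", "external destination not on vendor allow-list")
    dst_segment, dst_role = dst
    if (dst_role, flow.dst_port) in REQUIRED_FLOWS[category]:
        return ("allow", "required clinical flow")
    if dst_segment == "clinical_iot":
        # Step 2 (segmentation): devices inside the IoT segment have no reason
        # to talk to each other, so this is the traffic segmentation must stop.
        return ("block", "device-to-device traffic inside the IoT segment")
    return ("block", f"{category} has no clinical need to reach {dst_role}")


def audit(flows) -> dict[str, list[tuple[Flow, str]]]:
    """Group flows by verdict; the 'block' list is the candidate deny policy."""
    report = defaultdict(list)
    for flow in flows:
        verdict, reason = classify(flow)
        report[verdict].append((flow, reason))
    return dict(report)


# Constructed sample flows: two required, one approved vendor, three to block.
SAMPLE_FLOWS = [
    Flow("10.10.1.5", "10.20.0.10", 443),    # pump -> drug library (required)
    Flow("10.10.1.6", "10.20.0.11", 104),    # CT -> PACS over DICOM (required)
    Flow("10.10.1.5", "203.0.113.10", 443),  # pump -> approved vendor endpoint
    Flow("10.10.1.5", "10.10.1.6", 22),      # pump -> CT scanner (IoT-to-IoT)
    Flow("10.10.1.6", "10.30.0.7", 445),     # CT -> corporate workstation
    Flow("10.10.1.6", "198.51.100.9", 443),  # CT -> unapproved external host
]

if __name__ == "__main__":
    for verdict, items in audit(SAMPLE_FLOWS).items():
        for flow, reason in items:
            print(f"{verdict:6} {flow.src_ip} -> {flow.dst_ip}:{flow.dst_port}  ({reason})")
```

Run against real flow records (NetFlow, firewall logs or a passive asset-discovery feed), the "block" list becomes the draft segmentation policy and the "review" list surfaces devices that are on the network but missing from the inventory, which is the visibility gap the answer above names first.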