The 4 Must-Haves for Healthcare Ransomware Resilience

It’s no secret that bad actors look to inflict as much pain and reputational damage as possible through ransomware. And few industries boast a more sensitive set of targets than healthcare.  

When confidential patient data and critical assets like hospital equipment are at stake, there’s no time to hesitate when it comes to strengthening ransomware resilience.  

That’s why healthcare cybersecurity experts from AWS and Illumio came together to discuss what healthcare organizations can do to face a rapidly shifting ransomware landscape, including how Illumio Zero Trust Segmentation can help.  

Get insight from Trevor Dearing, Director of Industry Solutions Marketing at Illumio, and Hector Rodriguez, Principal Industry Strategist for WWPS Health and Life Sciences at AWS, on how your healthcare organization can modernize its ransomware response.

Watch the full webinar here, or see a short preview of the discussion below:

IoMT innovation is shaping an evolved healthcare ecosystem

Rodriguez pointed out how the healthcare industry is seeing traditional, on-premises data centers and even some traditional service models disappearing or being merged with more modern capabilities. This reflects the evolution of a new ecosystem in healthcare.

“When we take a look at it, what's really happening in healthcare is we're in a new world,” he said.  

Rodriguez sees rapid innovation in medical mobile devices, healthcare marketplaces, connected devices, and the Internet of Medical Things (IoMT) as a whole.

“We're even seeing applications being prescribed to patients for solutions such as remote patient monitoring,” he noted.

4 security efforts healthcare organizations need to be focusing on

With such an expansive digital surface for potential attacks, it can be daunting to understand where to start. And Rodriguez acknowledges that this is resulting in more data breaches on healthcare organizations.  

In fact, in just the first six months of 2023, there have already been 4,498 healthcare data breaches.

For Rodriguez, healthcare cybersecurity begins with data: “We need to make sure that data is protected right from the very beginning with the ability to segment and contain any attacks that could occur,” he said.

He recommends that healthcare organizations focus on these four key security efforts:

• Better data sharing and data interoperability

• Data retention and destruction to ensure data is managed properly
• Cyber resilience against ransomware attacks
• Breach containment technologies to minimize the breach blast radius

Illumio Zero Trust Segmentation aligns with modern healthcare security needs

Illumio Zero Trust Segmentation (ZTS) can help healthcare organizations achieve Rodriguez’s recommendations and make strides towards better cyber resilience.  

Dearing explained that Illumio helps organizations maintain services while under attack by containing cyberattacks to prevent them accessing high-value assets like scanners, MRI machines, or medical records. This is achieved through least-privilege access via ZTS

“Think about ZTS as putting a Zorb inflatable bumper bubbles around each individual asset or resource within your system within your infrastructure. This can include applications, databases, or medical devices,” Dearing explained.  

Why is ZTS essential now for the healthcare industry?

According to the World Economic Forum’s Global Cybersecurity Outlook 2023 report, cyberattacks on healthcare are trending toward service disruption rather than data infiltration. This means healthcare attacks are increasingly impacting not only more people but more money.  

This is why Dearing encourages healthcare organizations to prioritize a Zero Trust security model. Breaches are inevitable, and traditional prevention and detection technologies are not enough to stop today’s cyberattacks. Instead, a Zero Trust security model encourages organizations to focus on breach containment.

“Instead of trying to identify the thousands of bad things, Zero Trust says we only need to identify the few good things and allow them access,” Dearing said.

Using the Illumio ZTS Platform, security teams can get visibility across their entire hybrid attack surface. This allows teams to find vulnerabilities and prioritize securing their most high-risk assets.  

From there, organizations can use Illumio to build proactive breach containment by setting granular, flexible segmentation policies that control communication between workloads and devices to only allow what is necessary and wanted. In the case of a breach, they can reactively isolate compromised systems to stop the spread of a breach and maintain operations.  

“Don't try to stop every attack. Focus on trying to survive them,” Dearing recommends.

Zero Trust is changing the security paradigm for the healthcare industry – make sure that your organization is keeping up with Illumio ZTS.

Read more about how Illumio secures healthcare systems in our industry brief.  

Contact us today for a free demo of Illumio ZTS in action.