Health care organizations represent a particularly vulnerable target for cyber attacks, as they possess large volumes of high-value, sensitive patient data, including protected health information (PHI) and personally identifying information (PII), that can be targeted by ransomware. Since such information is critical for the treatment of patients, hospitals often yield to the ransom to preserve their operations. However, healthcare is dynamic, particularly with increasing globalization and patient relocalization that requires digital health data sent to different providers to be protected. A preventative network perimeter approach is being replaced by a new approach called Zero Trust (ZT) that is both preventative and defensive in nature, and it can be used in conjunction with existing tools like blockchain and artificial intelligence to identify threats and protect organizations. ZT “assumes no implicit trust is granted to assets or users based solely on their physical or network location (ie, local area networks vs the Internet) or asset ownership (enterprise or personally owned).” Such a multipronged approach is well-suited for health care systems and represents a first step to prevent malware from infiltrating digital systems.
