Zero Trust and the future of cybersecurity in healthcare delivery organizations

George A. Gellert , Sean P. Kelly , Edwin W. Wright , Leslie C. Keil

Journal of Hospital Administration ›› 2023, Vol. 12 ›› Issue (1) : 1 -8.

PDF (697KB)
Journal of Hospital Administration ›› 2023, Vol. 12 ›› Issue (1) : 1 -8. DOI: 10.5430/jha.v12n1p1
Review Articles
research-article

Zero Trust and the future of cybersecurity in healthcare delivery organizations

Author information +
History +
PDF (697KB)

Abstract

Digital care transformation, the proliferation of disruptive technologies and the changing hybrid workforce have forced the evolution of traditional information technology network boundaries of healthcare organizations. The new landscape has rendered legacy existing perimeter defined and based cybersecurity solutions inadequate to meet increasing regulatory and federal demands for highly secure access management. Emerging compliance requirements, coupled with the concerning increase in healthcare data breaches, ransomware attacks, and security incidents targeting the healthcare sector, have transformed our historic notion of trust into an organizational vulnerability. A “Zero Trust” approach to information security is driven by an imperative to “never trust, always verify,” and requires strict, rigorous and continuous identity verification to minimize trust zones and their associated risk of security breach. Healthcare delivery organizations need to appreciate the importance of a Zero Trust strategy in reducing vulnerabilities, strengthening health system information security, and preventing successful security breaches, while also recognizing how identity and access management serves as the foundation of achieving Zero Trust.

Keywords

Zero Trust / Cybersecurity / Identity and access management

Cite this article

Download citation ▾
George A. Gellert, Sean P. Kelly, Edwin W. Wright, Leslie C. Keil. Zero Trust and the future of cybersecurity in healthcare delivery organizations. Journal of Hospital Administration, 2023, 12(1): 1-8 DOI:10.5430/jha.v12n1p1

登录浏览全文

4963

注册一个新账户 忘记密码

FUNDING

This work had no external financial support.

ETHICAL STATEMENT

No patient data was utilized in this analysis.

CONFLICTS OF INTEREST DISCLOSURE

GAG is an external medical advisor to Imprivata Inc. SPK, EWW and LCK are Imprivata employees.

References

Publishing order | Descend order by publishing year | Descend order by cited within
[1]

Rose S, Borchert O, Mitchell S, et al. NIST SP 800-207, Zero Trust Architecture. 2020. https://doi.org/10.6028/NIST.SP.800-207
[2]

Gartner HR Survey Finds 60% of Non-Knowledge Workers Want Their Organization to Provide More Flexibility. STAMFORD, Conn. August 26, 2021. Available from: https://www.gartner.com/en/newsroom/press-releases/08-26-21-gartner-hr-survey-finds-sixty-percent-of-non-knowledge-workers-want-their-organization-to-provide-more-flexibility
[3]

Kindervag J. Forrester Research: Build Security into Your Network’s DNA: The Zero Trust Network Architecture. 2010. Available from: https://www.forrester.com/report/Build-Security-Into-Your-Networks-DNA-The-Zero-Trust-Network-Architecture/RES57047

[4]

Ward R, Beyer B. BeyondCorp: A New Approach to Enterprise Security. 2014. Available from: https://research.google/pubs/pub43231

[5]

Cunningham Forrester. The Forrester WaveTM: Zero Trust eXtended (ZTX) Ecosystem, 2018. Available from: https://www.forrester.com/report/the-forrester-wave-zero-trust-extended-ztx-ecosystem-providers-q4-2018/RES141666?objectid=RES141666
[6]

Executive Order on Improving the Nation’s Cybersecurity. May 12, 2021. Available from: https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/

[7]

Young SD. Moving the U.S. Government Toward Zero Trust Cybersecurity Principles. Available from: https://www.whitehouse.gov/wp-content/uploads/2022/01/M-22-09.pdf

[8]

DoD Zero Trust Strategy. Available from: defense.gov
[9]

Constella 2021 Identity Breach Report. 2021 Identity Breach Report | Constella Intelligence. Available from: https://info.constellaintelligence.com/2021-identity-breach-report

[10]

IBM. IBM 2021 Cost of Data Breach. Available from: https://www.dataendure.com/wp-content/uploads/2021_Cost_of_a_Data_Breach_-2.pdf
[11]

Ponemon Institute. The Impact of Ransomware on Healthcare During COVID-19 and Beyond. September 2021.
[12]

McKeon J. Cybersecurity, Vulnerabilities Not Priorities for Most Hospitals. August 12, 2021. Available from: https://healthitsecurity.com/news/cybersecurity-vulnerabilities-not-priorities-for-most-hospitals

[13]

CynergisTek. The State of Healthcare Security & Privacy 2021 Annual Report. Available from: https://insights.cynergist ek.com/cyber-security-resources/the-state-of-healthcare-security-privacy-2021-annual-report

[14]

Jakkal V. Microsoft Zero Trust solutions deliver 92 percent return on investment, says new Forrester study. January 12, 2022. Available from: https://www.microsoft.com/security/blog/2022/01/12/microsoft-zero-trust-solutions-deliver-92-percent-return-on-investment-says-new-forrester-study/
[15]

Adopt Next-Gen Access to Power Your Zero Trust Strategy. Jul 23, 2018. Available from: http://www.dataproof.co.za/index.php/2018/07/23/adopt-next-gen-access-to-power-your-zero-trust-strategy/

[16]

Considering a Move to Zero Trust Security? Keep these Identity Security Practices and Resources in Mind - Infosecurity Magazine (infosecurity-magazine.com).
[17]

Imprivata White Paper, Zero Trust messaging guide; 2021.
[18]

Allan A, Perkins E, Scholtz T. Gartner identity and access management program maturity model. Oct 8, 2009. Available from: https://gartner.com

[19]

H-ISAC. An H-ISAX framework for CISOs to manage identity, HISAC 2020, April.
AI Summary AI Mindmap
PDF (697KB)

171

Accesses

0

Citation

Detail
Sections
Recommended

AI思维导图

/