Don't WannaDie: Using a Zero Trust Approach to Secure Healthcare presented at SecureWorldNewYork 2019

by Christopher Frenz,

Summary : A hospital falling victim to ransomware has become an all too frequent occurrence and one that everyone should be worried about. The WannaCry attack not only took out computer systems at many hospitals worldwide, but also demonstrated that ransomware had the ability to compromise medical devices, proving that ransomware and other cyber threats not only pose a risk to patient information but also to patient safety. These attacks gave a new and wholly unacceptable meaning to the term Denial of Service, and healthcare organizations need to take measures to protect their information systems and medical device deployments against such attacks.This session will demonstrate the need for zero trust by walking attendees through how to simulate a mass malware outbreak and will then discuss taking network segmentation to the next level and implementing a zero trust approach to security whereby every device on the network is restricted to just essential communications. The session will also provide an in depth description of the approach used to achieve zero trust in a multi-site medical center.