FireScope

Service Centric Security StrategyWhitepaper

FireScope

Service Centric Security StrategyWhitepaper

White Paper: Why Build a Service-Centric Security Strategy?

Bad actors are not limited to Hollywood.

According to the 2019 Verison Data Breach Investigations Report, (DBIR) 59% of healthcare breaches exposing corporate data to an unauthorised 3rd party were caused by internal actors. This paper outlines how a CISO can plan and build a secure defence against these bad actors

The Healthcare industry stands out as a leader in securing data, because it is highly regulated and is required to report in more detail than most industries, but costly internal data breaches are seen across all industries. What is the bad actor insider threat?

An insider threat is a malicious threat or a well-intentioned employee error that originates within the targeted organisation for the purpose of negatively impacting the business.

These threats come from people such as employees, former disgruntled employees, contractors or business associates within the organisation who abuse data access and privileges.

The Problem

Organisations fail to develop a mature security strategy because they have no idea how many assets are on their networks, where they are, who owns them and what role the assets play to deliver business-critical services. The Verison 2019 report identified that out of 41,686 security incidents across all industries 34% involved internal actors.

Compliance is Critical

Companies that deal with Protected Health Information (PHI) are required by The United States Health and Human Services (HHS) to develop a security strategy that has physical, network, and process security measures in place and follow them to ensure HIPAA Compliance. Identifying and building a security defense against those attack vectors is difficult because of a number of reasons including:

  • Networks containing electronic PHI (ePHI) are becoming more complex
  • Adoption of hybrid cloud, virtualisation, containers and micro services
  • Inheriting unknown IT assets from a merger or acquisition

Consider a Service-Centric Security Approach

The Service-Centric approach enables an IT professional to take a methodical step-by-step approach to this problem and continually, assess, improve, and mature over time.

Download the full Whitepaper

Contact Form

  • This field is for validation purposes and should be left unchanged.

Contact

Kate Hamblin

Senior ITSM Consultant +44 0118 324 0620

No. 1 training provider of the year!

Pink Elephant has been named as the number one provider of IT training! According to the latest survey from Computable – Read more