My message to healthcare security leaders headed to HIMSS this week is as follows: Before you buy another next-gen product, make sure the products you already have in place are providing value. It’s time to optimize and rationalize your security programs. 

I have been delivering and implementing security solutions since 1998—and I’m still trying to get in front of the latest attacks. It’s true for every security professional, but especially true in the healthcare sector. As medical records increase in value on the black market, it is critical that healthcare institutions continuously assess and validate the effectiveness of their layered defenses across people, processes, and technology. No organization can afford to leave room for assumptions when securing its operations, finances, and protected health information (PHI).

Why are we still seeing headline breaches in the healthcare sector?

After 20 years, I can tell you that it’s not the quality of the IT security leadership. In fact, healthcare CISOs have evolved their roles to include: aligning closer to boards, CEOs, public relations, and, most importantly, the mission—patient care and safety first. Additional resources such as industry analysts, consultants, and technical frameworks offer guidance on how to combat emerging threats and comply with the HIPAA regulations. Even after all of this effort, healthcare breaches are not going away.

With IT security leadership engagement at an all-time high, regulations strictly enforced, and cyber budgets shooting through the roof, where are we falling short?

The answer: A complete lack of continuous security validation is undercutting the efforts of our security teams and widening gaps. Adding to the complexity is the influx of product-overlap, which hemorrhages money and creates a false assumption of security.

The problem is that, until recently, security initiatives could only be measured with point-in-time assessments and table-top exercises. With modern security environments constantly shifting, controls must be continuously scrutinized to keep safeguarding patient safety information. This is why traditional assessments are fundamentally flawed. Without a way to regularly validate defensive controls with evidence-based data, even 9-digit security budgets can fall victim to basic misconfigurations. The good news is that many healthcare organizations already have the right security tools in place; the stack just needs to be optimized.

Today, healthcare organizations can leverage a new technology category: Security Instrumentation. A Security Instrumentation Platform (SIP) empowers teams to measure, manage, and improve the effectiveness of their entire security stack (proxies, IDS, firewall, DLP, Malware Analysis, and SIEMs). Programs can now have holistic visibility into what tools are blocking, preventing, detecting, identifying, alerting, and triggering actions. Additionally, the platform describes how all these tools communicate with the SIEM and validates against models such as MITRE ATT&CK Kill Chain techniques, shared repositories (ISACs), threat intelligence, PCAPs, and custom attacks. Finally, healthcare organizations have empirical data that proves the layered defenses in place are properly safeguarding patient data, meeting compliance requirements, and satisfying business objectives.

To learn more about the benefits and capabilities of Security Instrumentation, request a demo. Never rely on assumptions again. PROVE security.