Identity and Zero Trust: A Health-ISAC Guide for CISOs
Educates health care CISOs on the basic tenets of zero trust, the challenges that may be unique to that market, and how to begin implementing the architecture.
Health-ISAC Unveils “All about Zero Trust: A Health-ISAC Guide for CISOs”
ORMOND BEACH, FL, August 26, 2022 – Health Information Sharing and Analysis Center (Health-ISAC) today released a new white paper intended to help CISOs understand and implement a zero trust security architecture, with a focus on how an identity-centric approach to cybersecurity can provide a foundation for zero trust.
The purpose of this paper is to educate healthcare CISOs on zero trust, detail its basic tenets, the unique challenges to a zero trust migration, and how to begin implementing the architecture.
The paper lays out healthcare specific challenges organizations will have to address. Two key points the paper highlights: the preponderance of Internet of Things devices and the roaming nature of some healthcare workers that may make authentication and fine-grained authorization complex.
Identity is at the core of zero trust: multi-factor authentication (MFA), well-governed authorization, and the proper provisioning of roles and attributes for access is critical. Access rules need to be as granular as possible to enable least privilege and all subjects, assets, and workflows need to be explicitly authenticated and authorized. The paper also adds zero trust components to the Health-ISAC Framework for Managing identity.
This paper is the fifth in a Health-ISAC series focused on helping organizations of all sizes and maturity levels understand the importance of an identity-centric approach to cybersecurity and the ways it can better address the current threat landscape.
This paper is the 5th in Health-ISAC’s Identity Series to guide healthcare CISOs
- Related Resources & News
- Leveraging ISO 81001-5-1 Amid Medical Device Procurement
- Mitigating risk as healthcare supply chain attacks prevail
- Enhancing Cybersecurity in Rural Hospitals
- Health-ISAC Hacking Healthcare 11-15-2024
- Cyber Incident Response: Playbook for Medical Product Makers
- Feds Warn of Godzilla Webshell Threats to Health Sector
- Trump’s Return: Impact on Health Sector Cyber, HIPAA Regs
- Health-ISAC Hacking Healthcare 11-7-2024
- Protecting the Healthcare Supply Chain Against Russian Ransomware Attacks
- All hospitals should be concerned about cyberattacks. Here’s why