Menlo Security Cloud Security Platform receives FedRAMP® Authorization
Traditional security approaches are flawed, costly, and overwhelming for security teams. Menlo Security is different. It’s the simplest, most definitive way to secure work—making online threats irrelevant to your users and your business.
Our platform invisibly protects users wherever they go online. So threats are history and the alert storm is over.
Traditional network security wasn’t built to address today’s complex enterprise environments. SASE fixes that problem.
Menlo Labs provides insights, expertise, context and tools to aid customers on their journey to connect, communicate and collaborate securely without compromise. The collective is made up of elite security researchers that put a spotlight on the threats you know and don’t know about.
Menlo Labs provides insights, expertise, context and tools to aid customers on their journey to connect, communicate and collaborate securely without compromise.
Marcos Colon | Aug 10, 2021
Share this article
With all the high-profile cyberattacks hitting electrical infrastructure, manufacturing, and political entities, it’s easy to forget that healthcare is the number one targeted industry in the world. According to the 2021 Verizon Data Breach Investigations Report, there were 655 cybersecurity incidents in 2020 that impacted healthcare organizations globally. It’s gotten so bad that the FBI and the U.S. Department of Health and Human Services took the unprecedented step of issuing a joint alert warning that cybercriminals were taking new aim at healthcare providers and public health agencies.
Healthcare organizations are a tempting target for cybercriminals because they offer a treasure trove of personal information, present an easy target because of lagging cybersecurity maturity, and are in the midst of transformative change in how patient care is delivered. Today’s healthcare technology innovations have introduced connected network systems and wireless technologies capable of providing lifesaving functions, enhancing provider productivity, and improving affordability. Devices, both corporate issued and personal, are used within the confines of the network and at places with less secure Wi-Fi, such as homes and coffee shops.
The acceleration of telehealth and work-from-home models boomed across all types of healthcare organizations in 2020, allowing patients to continue to get the care they needed without putting their health further at risk from Covid-19 infection. Dispersed healthcare professionals needed access to sensitive patient data from managed and unmanaged devices. As endpoints proliferated, so did the security risks.
This increased exposure is scary. While typical security incidents may entail temporary operational disruption, penalties, and reputational damage—things that are repairable over time—protecting healthcare organizations from malicious activity can have life–death implications. A recent attack in the Czech Republic took a Covid-19 testing site offline just as cases were soaring, while a successful breach at a hospital network in New Zealand took down the organization’s paging system, forcing nurses to use personal mobile phone numbers to alert doctors when a patient suffered a cardiac arrest. In both cases, healthcare professionals were not able to deliver the level of care their patients needed—all because the digital healthcare solutions they relied on were infiltrated.
Breaches and incidents continue to rise, and even healthcare organizations with the best detect-and-respond solutions continue to fall short. The problem is that new malware variants emerge daily, requiring IT teams to constantly patch and update attack signatures. And once the initial penetration is made, a lack of visibility into traffic inside the network allows threat actors to spread laterally to other systems and applications with impunity. Making matters worse, the acceleration of digital transformation as a result of Covid-19 restrictions massively expanded healthcare organizations’ attack surfaces and created major security gaps. All it takes is for one user to click on a single malicious link, and your network is exposed. Unfortunately, cybersecurity solutions are not keeping up with modern threats.
Given the recent architecture changes and move to work in the cloud, now is the time for healthcare organizations to turn the challenges uncovered by the pandemic into opportunities to improve patient care. Moving security closer to the user and delivering security services through the cloud allows healthcare organizations to proactively protect systems and data across the network at scale, including edge and Internet of Medical Things (IoMT), without slowing the user experience.
The key to achieving this goal is through Zero Trust powered by isolation. A Zero Trust approach assumes that all traffic—inbound and outbound—is inherently bad. Instead of making an allow-or-block decision at the point of click, healthcare organizations should be able to block known threats and isolate everything else. This fail-safe technique essentially cuts off access to users’ devices—preventing malware from getting a foothold in the network. And because it’s delivered through the ubiquitous cloud wherever users log in, isolation eliminates security gaps in the face of expanding threat surfaces.
Zero Trust requires a reimagined cloud-based network and security architecture through Secure Access Service Edge (SASE). Moving to SASE requires a phased approach, implemented in alignment with a healthcare organization’s specific business objectives. The way to do this in a cost-efficient, nondisruptive way is to first focus on eliminating attacks on users with an emphasis on where healthcare professionals spend the most time during their working day—in a web browser—through a combination of leveraging a secure web gateway (SWG), cloud access security broker (CASB), data loss prevention (DLP), and remote browser isolation (RBI). This integrated approach can provide a strong security foundation and the scalability required to begin a SASE transformation.
It’s time to stop ransomware, malware, and zero-day exploits. Download this new ebook to discover how healthcare organizations can prevent cybersecurity breaches today.
Posted by Marcos Colon on Aug 10, 2021
Tagged with Healthcare, Healthcare/Life Sciences, Remote Working, SASE, SWG, Zero Trust
To talk to a Menlo Security expert, complete the form, or call us at (650) 695-0695.