DOTmed News: What can they do to try to prevent an insider threat from occurring at their organization?

AK: There are a number of ways to prevent against an insider threat breach. We recommend organizations that are serious about implementing a data-first security strategy do the following:

1) Integrate new encryption technology that minimizes operational impact and works with strong access controls for all important data sources.

2) Implement integrated data monitoring and technologies such as security information and event management (SIEM) systems to identify data usage and unusual and malicious access patterns is critical to maximizing security.

3) Concentrate on protecting data at the source. For most organizations, this will involve protecting a mix of on-premise databases and servers, and remote cloud and big data applications.

4) Develop an integrated data security strategy that includes monitoring, relevant access control and levels of data protection.

With network and endpoint security solutions failing to stop or even detect attacks by employee insiders, and advanced attacks using employee credentials, a layered defense combining traditional as well as advanced data protection techniques is the path forward.

DOTmed News: Is it enough just to meet compliance requirements?

AK: It is not enough for organizations to just meet compliance requirements. As we mentioned, 48 percent of U.S. health care respondents reported that their organization had failed a compliance audit or encountered a data breach in the last year. This indicates organizations are failing even basic data protection and/or not even making it to the low bar that is the compliance level.

The problem with compliance regimes is that they typically evolve over time, with years passing between standards revisions, and even longer periods for legislation. It is important that health care organizations take to heart the fact that this results in compliance requirements becoming a baseline for data protection, not a best practice. Threats can rapidly grow and change, leaving slow-moving compliance requirements behind as new threats emerge.

DOTmed New: Do you think health care organizations will be successful at securing health care data in the next five years or will it take longer than that?

AK: There’s no shortage of news, reports or anecdotes about insider threats and successful cyberattacks. Yet, certain companies still either have an “it won’t happen to me, so I don’t need to worry about it” attitude or the issue has not risen to the board level (thereby driving the board and senior executives to make data security a priority).

More Voices