By Chris Cullerot, Director of Technology and Innovation at iTech AG
In April, the Centers for Disease Control and Prevention (CDC) released its first-ever Public Health Data Strategy. The comprehensive plan provides practical guidance on data, technology, policy, and administrative actions that health agencies and organizations can use to exchange crucial information efficiently and securely across the public health industry.
Health professionals can enhance their abilities to identify and respond to health threats with this new plan, ultimately improving outcomes for all individuals. However, the success of these initiatives hinges on data being not only accessible and functional but secure.
Agencies throughout the government are prioritizing cybersecurity in response to urgent mandates, Executive Orders, and memos such as OMB’s Federal Zero Trust Strategy. Zero trust is one security approach that will be crucial to protecting the invaluable data that the CDC’s strategy will leverage to advance public health. A valuable framework agencies can follow is the Cybersecurity and Infrastructure Security Agency’s (CISA) Zero Trust Maturity Model, which outlines five pillars and three capabilities to support agencies at different places in the zero trust journey.
To effectively implement zero trust in support of the CDC’s data health plan, partner agencies will need to utilize existing zero trust models as a roadmap to enable response readiness and align with broader initiatives, in turn safeguarding our nation’s networks and health data transmitted across those networks.
Assessing Zero Trust Posture
The first step in the CISA Zero Trust Maturity Model is assessing and evaluating an agency’s current posture for strengths and weaknesses so IT leaders can make better-informed decisions on priorities and technology needs. With a thorough understanding of the current security posture, health leaders can secure vital data exchanges of the nation’s health information. It’s important to reassess regularly to ensure that the agency is always up to date and can protect its data from potential threats.
With visibility into their unique starting points, agencies can use existing zero trust guidance for reference as they work to reach an “optimal” posture. The zero trust pillars of identity, devices, networks, applications and workloads, and data will help keep agencies accountable and informed of their cyberinfrastructure needs and next steps.
Automating Cyber Incident Response
The CDC’s plan stresses the importance of having better access to analytics and automated solutions while also keeping security protocols in mind. Zero trust will restrict access based on identities, so data is protected against false credentials, but always available to authorized users.
A zero trust approach can limit access paths for attackers but still requires automated security controls and centralized visibility to effectively manage the deluge of security events that cyber operations center analysts face. To prevent the loss of important alerts or a delay due to large volumes of information, analysts need a detection and event management process to prioritize the most critical incidents.
Automated ticket generation, managed through the incident response workflow for validation, response, and remediation, can support this prioritization to protect healthcare data and systems.
Utilizing Security Playbooks
A cybersecurity playbook is an essential tool that every agency should have in place. It provides a detailed set of guidelines that outline exactly what steps to take in the event of a data breach or loss.
Healthcare security leaders will likely notice patterns and common threats that can be mitigated with a repeatable response. Playbooks make it possible to automate responses to common security incidents such as email phishing, malware, and denial of service. They can be tailored to an organization’s specific needs, ultimately improving SOC teams’ efficiency through greater automation.
The CDC’s Public Health Data Plan is a much-needed initiative that will help our nation build strong and resilient health IT systems capable of navigating the complexity of today’s healthcare ecosystem. But wherever data is involved, attention to cybersecurity is essential. Utilizing zero trust principles is a proactive and diligent approach that can help agencies advance core public health missions while ensuring resilient systems that can combat tomorrow’s threats.
Chris Cullerot is a security leader and strategist with over 18 years of experience in security management and operations. He has led numerous security programs and initiatives during his career, including the Incident Response Program for the 2016 Presidential Transition Team.
Chris is driven by a passion for innovation with the ability to integrate the security function with corporate goals and business strategies. He currently serves as the Director of Technology and Innovation for iTech AG, overseeing the delivery of the company’s technical portfolio of services, including digital innovations and cybersecurity.