3 Things to Learn About:
* 1. Ransomware is a particular problem and currently the highest priority for healthcare organizations. Machine learning can use the structure of a malicious email to detect an attack even before the email is opened.
* 2. Big data architectures provide the machine-learning models with the volume and variety of data required to achieve complete visibility across the spectrum of IT activity—from packets to logs to alerts.
* 3. Intel and industry partners are currently running one-hour, complimentary, confidential benchmark engagements for HLS organizations that want to see how their security compares with the industry .
5. Intel Health & Life Sciences | Make it Personal
Healthcare Security – Increasingly About Survival
• Severe impact of breaches
• Compliance necessary
• Not sufficient to adequately
mitigate risk of breaches
• How far do you have to go?
• Don’t be at the
“back of the herd”
• How does your security
compare?
• How can you measure your breach security against the industry?
5
6. Intel Health & Life Sciences | Make it Personal
Breach Security Capabilities Maturity Model
Improved Breach Security, Usability, Cost, IT Operations
Enhanced
+ Device control
+ Penetration testing / vulnerability scan
+ Client Solid State Drive (encrypted)
+ Endpoint Data Loss Prevention
+ Network Data Loss Prevention (monitoring,
capture)
+ Anti-theft: remote locate, lock, wipe
+ Multi-factor authentication w timeout
+ Secure remote administration
+ Policy based encryption for files and folders
+ Server / database / backup encryption
+ Network segmentation
+ Network Intrusion Prevention System
+ Business associate agreements
+ Virtualization
Advanced
+ Server Solid State Drive (encrypted)
+ Network Data Loss Prevention
(prevention)
+ Database activity monitoring
+ Digital forensics
+ Security Information and Event
Management
+ Threat intelligence
+ Multi-factor authentication with walk-
away lock
+ Client Application Whitelisting
+ Server Application Whitelisting
+ De-identification / anonymization
+ Tokenization
+ Business Continuity and Disaster
Recovery
Baseline
+ Policy
+ Risk assessment
+ Audit and compliance
+ User training
+ Endpoint device encryption
+ Mobile device management
+ Data Loss Prevention (discovery)
+ Anti-malware
+ IAM, Single factor access control
+ Firewall
+ Email gateway
+ Web gateway
+ Vulnerability management, patching
+ Security incident response plan
+ Secure Disposal
+ Backup and Restore
6
8. Intel Health & Life Sciences | Make it Personal
HLS Breach Security Priorities
Global Industry Report
8
• Priorities / levels of concern across 8 types of breaches, including ransomware
• Roughly mirrors allocation
of resources and budget
to mitigate risks
• Statistics on readiness of
organizations for each type
of breach
• Percentage of relevant
security capabilities
implemented
Intel.com/BreachSecurity
9. Intel Health & Life Sciences | Make it Personal
HLS Breach Security
Capabilities
Global Industry Report
9
• 42 security capabilities
• Administrative, physical
and technical safeguards
• Percentage of capability
implemented across Health
& Life Sciences
organizations assessed
Intel.com/BreachSecurity
10. Intel Health & Life Sciences | Make it Personal
Security Incident Response Plan
Global Health & Life Sciences Results
Plans in place
covering what do to in
the event of a
suspected data
security incident or
breach.
10
11. Intel Health & Life Sciences | Make it Personal
Threat Intelligence
Global Health & Life Sciences Results
• Acquisition and sharing of
threats, vulnerabilities
• Reputation
• Static or dynamic analysis
• Behavioral analytics
11
12. Intel Health & Life Sciences | Make it Personal
Digital Forensics
Global Health & Life Sciences Results
Ability to conduct forensic
analysis of IT infrastructure,
often in the event of a
suspected security incident,
to detect unauthorized
access to sensitive patient
information and establish
whether breach occurred
and if so characteristics
such as timing and extent.
12
13. Intel Health & Life Sciences | Make it Personal Intel Confidential – Do Not Forward
Hardware Enhanced Security
13
Security
Software
General Purpose
Hardware
Separate Security
Hardware
Security
Software
Core
Security Logic
General Purpose
Hardware
Core
Security Logic
Core
Security Logic
Trend
Performance,
Robustness,
Usability, Cost
Better
Time
Improved
usability
Hardened
Reduced
Cost
Across the
compute
continuum
38. Intel Health & Life Sciences | Make it Personal
Invitation
• Join us: Breach Security Benchmark
• Analyze your breach security
– Maturity level, priorities, capabilities
– Compared to healthcare industry
– Possible over / under prioritization
– Gaps, areas lagging the industry, and
relative vulnerabilities
• A tool you can use to help rally support to
address gaps
• 1 hour, confidential, complementary
• Conducted by Intel or industry partner
38
Find our more and see an
example report at
Intel.com/BreachSecurity
Contact BreachSecurity@Intel.com