The Doctor Is In: Building a Security Immune System for Health Care

If you’re a member of my generation living in the U.S., you may remember the Bubble Boy. His story grabbed the national consciousness and was made into a TV movie featuring John Travolta. It was a sad tale of how a boy with a severe immune deficiency was forced to live his life inside a plastic bubble to protect him from pathogens. A single breach of that perimeter could end his life.

Patching the Bubble

In a way, an organization that relies on perimeter controls for critical data protection is in a similar sensitive situation. According to results of a recent survey from Accenture, one in four U.S. consumers have had their personal medical information stolen. Twenty-five percent of them switched health care providers as a result. It can be easy for attackers to breach barriers using stolen credentials or via SQL injection. On top of that, organizations need to stay competitive by having data flow through traditional boundaries, such as to the cloud and through mobile applications.

Data needs to break free of barriers so that your organization can thrive, but it must have a strong security immune system to protect it every step of the way. Data protection is not a single silver bullet; it relies on an ecosystem of security disciplines along with collaboration and expertise.

Health Care Industry Struggles With Data Protection

Vendors are often so focused on showing off product capabilities that they forget there are compelling security issues to be solved. Their job is to bring the pieces together and show the art of the possible.

The findings of the same Accenture survey showed that half of those who experienced a breach were victims of medical identity theft and had to pay approximately $2,500 in out-of-pocket costs per incident on average.

The problem of a weak security immune system really hit home for me after my health care data was breached twice in 2015. Sure, I was angry, but beyond that, I wanted to demonstrate that there is a better way to protect data and that all organizations can do better.

Out of this experience was born a real-life demonstration that we built on the cloud. To me, it’s much more effective than PowerPoint slides in demonstrating a more robust approach to data protection that leverages an integrated, layered approach to security.

Whether you work in health care or not, we can all relate to getting medical treatment — that’s where our story begins. In our upcoming webinar, you will see how attacks occur and a demonstration of how a security immune system can help you detect and prevent loss of your valuable data.

The System Response

Just as your body needs a strong immune system to ward off illness, your system needs integrated, enterprise security tools and point products to shield and recover from attacks. Security tools that not only detect but also isolate, respond, mitigate and eradicate advanced threats.

Join our May 23 webinar to see what happens when Janet, an innocent health care worker, clicks on the wrong email and has her credentials stolen. The story unfolds from there; in this case, however, we will see how a security immune system could have detected and prevented the loss of critical information.

cute puppy that phished Janet because her prom photo was hawt.

Like Janet, you can learn from this experience and avoid having your bubble popped.

Register now for the May 23 webinar: Building a Security Immune System for Health Care

Share this Article:
Cindy Compert

CTO Data Security and Privacy, IBM Security

Cindy is a technical visionary driven by wanting to make a difference around the world, advancing the health, safety, and well-being of others. She believes that Data Security and Privacy are key enablers to realizing the benefits of the digital and cognitive enterprise. Cindy has worked with hundreds of clients across multiple industries including Finance, Healthcare, and Public Sector. She is an active member of the International Association of Privacy Professionals (IAPP), a Certified Information Privacy Manager/Certified Information Privacy Technologist, and co-author of “Information Governance Principles and Practices for a Big Data Landscape”. Cindy invented the IBM Security GDPR Framework and is leading IBM Security’s GDPR solution strategy across the company. She is a highly-regarded speaker and has presented at RSA, IAPP and IBM InterConnect conferences. Cindy was also recently granted a patent on mobile caller risk. Cindy holds a BA/MBA from New York University and is a recognized Impressionist landscape painter who exhibits throughout Southern California.