Portraits Santé - médical - pharmaceutique • T.I.C. - Informatique
Interview with Pierre Samson, Alcatel: Cyber Security and the Healthcare Industry
FOCUS #69 - Pierre Samson, Senior Vice President, APAC , Alcatel-Lucent Enterprise, shares about the case for a layered approach to cyber security in the healthcare industry.
What is the Alcatel-Lucent Enterprise (ALE) approach to managing cyber risks?
We believe that a detailed security policy that defines rules that limit access based on the time of day, the device in use, among other factors, is key to managing cyber risks. A secure digital infrastructure must be able to validate data, behaviours, and destinations, and it must automatically respond to threats. Control at the access level is clearly one of the most effective layers for network defence and, it’s never been more important. User and device authorization prior to connecting to a network asset is critical. The ability to quarantine suspicious activity and run health checks on devices can stop a breach before it happens. In addition to providing ALE customers with solutions that mitigate the risk of cyber attacks, our privacy by design approach adheres to European GDPR requirements to ensure that customer data is protected. We also build security into our own networks, for example, we recently implemented a multifactor authentication (MFA) process to protect employee email accounts from phishing attacks.
Can you briefly explain why cyber security is critical to the healthcare industry?
Today the healthcare industry is experiencing a spike in the number of devices and sensors coming into their facilities. Manually onboarding and configuring these devices is just not an option. Never mind the potential for human error. From staff, to visitors, to the actual medical devices, each one brings a potential security risk. Security breaches that impact patient data or medication records are not unique to any particular part of the world. The fact is, they are happening more frequently, everywhere, and they are impacting lives. At ALE, we believe in a layered approach to cyber security. At the foundation is a secure LANWLAN infrastructure. Next, security policies need to be defined for users and devices. Virtual segmentation of Internet of Things (IoT) is key to creating a secure environment. Layering in location-based services that identify the location of staff, patients, devices and assets can also help administrators keep their fingers on the pulse.
Do you have any exciting security projects or initiatives that you can share with us?
We know that security is top of mind for all enterprises. Whether it’s our healthcare, education, transportation, hospitality or government customers, they all share the same concern. How do we reduce the risk of a cyber attack? We believe that taking a standards based approach is key to protecting their business. And, we were pleased to announce, earlier this year, that we had achieved ISO 27001 Certification. This certification is an internationally recognized standard that addresses security risks and asset management in an Information Security Management System (ISMS). The good news for our customers is that with the ISO 27001 standard built into our solutions, they benefit from best-practice information security management.