Service Centric Security StrategyWhitepaper


Service Centric Security StrategyWhitepaper

White Paper: Why Build a Service-Centric Security Strategy?

Bad actors are not limited to Hollywood.

According to the 2019 Verison Data Breach Investigations Report, (DBIR) 59% of healthcare breaches exposing corporate data to an unauthorised 3rd party were caused by internal actors. This paper outlines how a CISO can plan and build a secure defence against these bad actors

The Healthcare industry stands out as a leader in securing data, because it is highly regulated and is required to report in more detail than most industries, but costly internal data breaches are seen across all industries. What is the bad actor insider threat?

An insider threat is a malicious threat or a well-intentioned employee error that originates within the targeted organisation for the purpose of negatively impacting the business.

These threats come from people such as employees, former disgruntled employees, contractors or business associates within the organisation who abuse data access and privileges.

The Problem

Organisations fail to develop a mature security strategy because they have no idea how many assets are on their networks, where they are, who owns them and what role the assets play to deliver business-critical services. The Verison 2019 report identified that out of 41,686 security incidents across all industries 34% involved internal actors.

Compliance is Critical

Companies that deal with Protected Health Information (PHI) are required by The United States Health and Human Services (HHS) to develop a security strategy that has physical, network, and process security measures in place and follow them to ensure HIPAA Compliance. Identifying and building a security defense against those attack vectors is difficult because of a number of reasons including:

  • Networks containing electronic PHI (ePHI) are becoming more complex
  • Adoption of hybrid cloud, virtualisation, containers and micro services
  • Inheriting unknown IT assets from a merger or acquisition

Consider a Service-Centric Security Approach

The Service-Centric approach enables an IT professional to take a methodical step-by-step approach to this problem and continually, assess, improve, and mature over time.

Download the full Whitepaper


"*" geeft vereiste velden aan

Dit veld is bedoeld voor validatiedoeleinden en moet niet worden gewijzigd.


Kate Hamblin

Senior ITSM Consultant +44 0118 324 0620