Limiting Cyberattack Blast Radius for Healthcare SaaS

Attorneys filed suit against Johns Hopkins University and its health system, alleging that they failed to secure IT systems, resulting in a theft of sensitive patient data. The lawsuit mentions a Zero-Day flaw in the MOVEit file transfer system. Other healthcare providers, including Harris Health, have also been affected by this flaw. As more hospitals come under attack, many are adopting SaaS applications to reduce the burden on their IT teams, but criminals are already creating techniques for attacks. This has forced many SaaS providers for healthcare organizations to improve their security. The article provides five rules for building more secure SaaS applications, specifically for the healthcare vertical, that include implementing a Zero Trust model and empowering users to control their security policies.

Source link