Healthcare's hyperconnected vertical nature has made endpoints a challenge to secure. And yet, these verticals are critical to protecting health systems and patient data, said David Ting, CTO and founder of Tausight. He joined Influencers to discuss protected health information (PHI), cyberattack preparation, and his company’s solution to these challenges.
Tausight, founded in 2018, is focused on protecting PHI at the point of risk. Their organization focuses on solutions specifically designed to help CIOs and CISOs ensure the confidentiality, integrity, and availability of PHI.
Tausight uses statistical data to keep health IT’s mission-critical infrastructure consistent, Ting explained. While navigating across the system, users have the ability to compare endpoint visibility and insight across applications.
"That is the basis for how you build true reliable infrastructures. Infrastructures that are safe, infrastructures that can deliver the kind of performance you want and the kind of security you want," Ting explained.
Traditionally, clinical workflows have revolved around digital patient records. This has made it essential to ensure clinicians can access information. Therefore, there has been a need to defend the system, gain visibility into PHI, monitor the medical record environment, and provide endpoint visibility. Ting explained how this approach stems from securing workflows and extends from them into technical infrastructure.
"Changing the perspective from one purely defending and managing your technical infrastructure to managing what's critical in your operations and your business is the change that we believe in," he said.
Data is everywhere, making it difficult to secure. PHI data is the basis on which healthcare runs, Ting said. Therefore, it demands attention as complexity and interconnected needs are high.
Healthcare has become a hyper-connected vertical: an environment that is very challenging to secure due to a lack of physical barriers for machines. Hospitals hosting computers and other healthcare devices across their physical locations has resulted in a higher number of endpoints. As clinicians access patient information inside and outside organizational walls, data has become increasingly challenging to secure everywhere.
Ting emphasized that organizations need to determine the systems involved with PHI to gain endpoint visibility, locate access, and secure data. Because PHI is generated any time a doctor or nurse puts together patient notes, data does not stay centralized in the EMR. It is expansive and can go everywhere.
Ting views the current process as teams of people aggregating clinician access across tools. He put forward a more integrated inside-out view, which starts with data and workflows and moves into the technical infrastructure.
Without a hardline perimeter for clinicians to access patient health information, securing the health system's network edge has become a significant challenge. Additionally, new PHI data continues to be generated, increasing the security risks.
At Tausight, Ting has emphasized protecting data, systems, and workflows. The company has focused on recovering systems, operating under the impression that cyber incidents are inevitable.
“It’s not a matter of if you'll have a cyber incident. It's a matter of when. And more importantly, how do you get back to business? How do you continue operations knowing that everything in the cyber blast radius has been contained? That your system is back to an operational status? Recovery in this modern world is as important as detection. It is as important as protecting,” he explained.
Tausight provides tools that assist systems with endpoint visibility, defending assets, and recovering post-cyberattack.
Protection should go beyond a system's network, even looking at the edge extending outside of firewalls. Ting expressed that health systems should leverage the cloud in cloud-hosted solutions that share data with business associates.
"Why would I send or work with you if I can't verify that the endpoint that you're using to connect to me to handle my data is securable?" he asked.
Tausight has built a SaaS-deployed solution where technology drops on endpoints outside of the cloud.
Ting expressed how a holistic framework is integral for health systems as complexity and the need for specialists increase. With numerous disparate tools required, analyzing the clinician's perspective across multiple endpoints is the way to start.
“I always tell people, unlike the rest of the other industries, clinicians don't have just one machine. They have every machine. They have access on every machine,” he explained.
Tracking clinicians' paths across endpoints can reveal levels of security. This holistic approach has made it possible to monitor endpoints and correlate machines to users to activities.
Seeing the industry’s need while on the HHS Cybersecurity Task Force during WannaCry, Ting understood the complexity of security. Additionally, hearing stories of customers affected and application breaches exfiltrating PHI data further highlighted the issue.
"To me, that was a new indication that as infrastructure, we didn't have the right tools. We didn't have situational awareness that would give somebody an alert that says there are processes running on our machines that you guys don't know about," he explained.
Tausight began with the purpose of building a tool for securing clinical workflows.
"Our goal is not to replace all your tools. Our goal is to give you a better perspective of managing how you secure clinical workflow, starting with understanding where your PHI data is, how it's secured, how it's being used, where it's moving to, and the ecosystem around that PHI," he said.
According to a recent Verizon Breach Report, many CIOs cannot discern what runs across their system's endpoints. They have been left unable to prepare for advanced and persistent threats.
"The fact that you can have something sitting there lurking without your knowledge, running in a privileged mode, those are things that you need to worry about," he said.
Individual computer systems have complex endpoints with thousands of settings and hundreds of processes. The activity multiplies across endpoints to millions of data points, which is impossible to keep track of at every moment.
Digesting data through AI is the way to track enormous numbers of endpoints, Ting said. Consistent systems allow AI to sift through changes.
Healthcare is not homogenous, and each health system varies in size, capabilities, and resources. As a "living organism," health IT must constantly evolve. This has made creating a universal framework challenging, according to Ting.
The conclusion of the first cybersecurity task force was to adopt the NIST cybersecurity framework as the model for system security. After inventorying assets critical to the workflow, systems can process how endpoints are protected. Without understanding how these areas are secured, there is less opportunity to detect attacks, Ting explained.
"You need to have visibility into what is going on across your system in order for you to respond," he said.
When software is compromised across various systems without endpoint visibility, IT professionals cannot determine which points to shut down to prevent secondary attacks. Therefore, Ting emphasized systems should be scrubbed after incidents to ensure deeply implanted agents do not linger.
The NIST framework model is a systematic approach with strict guidelines. Tausight's approach reflects visibility, rethinking traditional attempts to secure perimeters.
Identifying where data is, what impacts workflow, and how clinicians utilize systems reveals endpoint visibility across perspectives.
"We basically approached the problem, not from these bad things are going to happen. We approached it from the perspective that this industry needs a better set of tools to help manage the concerns that we talked about. The technologies are right. The know-how is there. The need is there," Ting said.