In my role I frequently deal with many security architects in a variety of different verticals. While financial services are typically early adopters of new security software and new security markets, other verticals don't typically have the resources that banks do. One of these verticals is the health care sector. Hospitals in particular have a variety of sensitive data, such as patient medical records and PII, as well as third-party devices that assist the staff in their care of patients, most of which have IP addresses.
If we look at how the Secret Service protects the U.S. President, we see four main principles applied: analyze, separate, monitor and respond. Long before the President goes and speaks in, let's say, a theater, they go in and analyze, and then separate by adding things such as barriers and metal detectors. In essence, they are taking an incredibly open space and making it much less open. They use a model where the closer the threat is to the President, the more relevant it is to them and the quicker they take action on it. Physically taking an open space and separating it reduces the number of threats they respond to.
Security segmentation follows a similar model. Imagine a segmented data center where the connectivity of servers containing high-value assets is reduced to only the relevant connections. This would reduce the number of alerts that are relevant to a reduced staff, letting them focus on the threats centered around those high-value assets.
Only 14 percent of healthcare organizations say they have a strong in-house SecOps team in place to deal with cybersecurity issues and attacks, new research claims.