Journal of Cybersecurity and Privacy (Sep 2024)

Cybersecurity Access Control: Framework Analysis in a Healthcare Institution

  • Erik William Tomlinson,
  • Wolday D. Abrha,
  • Seong Dae Kim,
  • Salvador A. Ortega

DOI
https://doi.org/10.3390/jcp4030035
Journal volume & issue
Vol. 4, no. 3
pp. 762 – 776

Abstract

Read online

Cyber threats are continually evolving and becoming increasingly complex, affecting various industries. Healthcare institutions are the second most targeted industry, preceded by manufacturing. The industry is on the lookout for a reliable cybersecurity system. This research analyzed the feasibility and reality of implementing a Zero Trust Architecture (ZTA) framework within a large healthcare enterprise with a workforce within the range of 45 k to 50 k personnel. It utilizes a baseline concept centered on the widely used Perimeter-Based Security Model (PBSM) in production environments. The focus is on assessing the feasibility of transitioning from a PBSM to a ZTA framework and specifically aims to assess the effects of such a transition on security, control, cost-effectiveness, supportability, risk, operational aspects, and the extent to which ZTA is applicable across different applications. Company X was used as a case study and provided data for analysis in support engagements and host traffic telemetry values. Findings indicated that a PBSM remains effective in providing defense measures for an organization mainly when a significant financial incentive is involved. On the other hand, ZTA offers a more secure environment with a notable reduction in risk, albeit at an additional cost and with added support variables.

Keywords