Access Management , Critical Infrastructure Security , Geo Focus: Asia

A Model for ‘Zero Trust’ in Healthcare

Panel of Experts Offers Insights on the Implementation Steps
From left: Agnidipta Sarkar, Group CISO at Biocon; Jo Stewart-Rattray, CSO at Silver Chain Group; and Min Chee Liew, director of the cyber defense group, IHiS

Implementing a "zero trust" framework for the healthcare sector requires gaining board support for implementing the right access management controls, according to a panel of experts.

See Also: Securing Healthcare: Minimizing Risk in an Ever-Changing Threat Landscape

Australia-based Jo Stewart-Rattray, CSO at Silver Chain Group, provider of hospital and healthcare services, says the foremost challenge in implementing the zero trust model is to gain buy-in from the risk committee.

Another panelist, India-based Agnidipta Sarkar, group CISO at Biocon, a pharmaceutical company, says a key component of implementing a zero trust strategy is making sure access controls are consistent across all touch points.

But before getting started with the zero trust journey, organizations must build awareness of and support for the concept, adds Singapore-based Min Chee Liew, director, of the cyber defense group at Integrated Health Information Systems, or IHiS, the technology agency for the public healthcare sector.

In this video panel discussion, a part of Information Security Media Group's recent Virtual Cybersecurity Asia Summit: Healthcare, the experts discuss:

  • Major stumbling blocks in the zero trust implementation process;
  • How to get started with the zero trust journey in an enterprise;
  • Integrating people, processes and technologies in building a zero trust framework for enhanced security.

Stewart-Rattray, CSO at Silver Chain Group, has more than 25 years of experience in the IT field, including serving as a CIO in the utilities and tourism sectors and as a CISO in the healthcare sector.

Sarkar, group CISO for the Biocon Group, has spent three decades working for global companies, including HP, HPE, DXC, HCL, Wipro, and CMS IT services. He has been an auditor and consultant, advising business leaders on cybersecurity, business continuity, privacy, risk optimization, standardization and resilience.

Liew, director of the cyber defense group at IHiS, is responsible for information and communications technology and medical device security policies and risk management. He also oversees cybersecurity capability development.

About the Author

Geetha Nandikotkur

Geetha Nandikotkur

Vice President - Conferences, Asia, Middle East and Africa, ISMG

Nandikotkur is an award-winning journalist with over 20 years of experience in newspapers, audiovisual media, magazines and research. She has an understanding of technology and business journalism and has moderated several roundtables and conferences, in addition to leading mentoring programs for the IT community. Prior to joining ISMG, Nandikotkur worked for 9.9 Media as a group editor for CIO & Leader, IT Next and CSO Forum.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.