Healthcare in Singapore is evolving rapidly. Electronic health records, telemedicine, and connected medical devices enable clinicians to deliver care anywhere, anytime—but this digital transformation also broadens the attack surface.

According to the Cyber Security Agency of Singapore (CSA), ransomware cases rose by about 21% to 159 incidents in 2024, while phishing attempts reached roughly 6,100 cases, up nearly 50% from the previous year. CSA warns that cybercriminals are adopting “triple extortion” tactics—stealing, encrypting, and threatening to release sensitive data—to pressure victims.

As part of Singapore’s Critical Information Infrastructure, the healthcare sector remains especially vulnerable. Hospitals and clinics are high-value targets not only because they hold sensitive patient records, but also because operational downtime can put lives at risk—creating pressure to pay ransoms quickly. Compounding this risk is the proliferation of digital endpoints, from patient-monitoring systems and telehealth applications to insurance payment systems and home-based devices. These interconnected systems create thousands of potential entry points for attackers.

The SingHealth breach of 2018, which exposed personal data of about 1.5 million patients, remains a stark reminder of the stakes. A single compromised workstation granted attackers privileged access, allowing them to extract sensitive records and triggering a systemic compromise.

Singapore’s forthcoming Health Information Bill will formalize cybersecurity and data protection as regulatory obligations for healthcare providers. Yet cybersecurity can no longer be viewed solely as a technical issue—it must be understood as essential to patient safety, enterprise risk, governance, and business continuity. As the sector digitizes, healthcare leaders must adopt holistic, proactive security models that integrate technology, process, and people to ensure resilience.

Traditional perimeter-based defenses assume that anything inside the network is trustworthy. In a healthcare ecosystem where staff, contractors, devices, and patients connect from anywhere, that assumption no longer holds.

Zero trust replaces that outdated perimeter model with one grounded in continuous verification, least-privilege access, and micro-segmentation. Every user, device, and request is treated as untrusted until proven otherwise—limiting an attacker’s ability to move laterally within networks or reach sensitive assets. Zero trust also enables the early identification of threats, allowing rapid response and containment before an event escalates into a full-blown security incident.

For healthcare organizations, zero trust delivers tangible benefits:

• Reduce the blast radius of breaches: Micro-segmentation prevents attackers from pivoting from an initial foothold to life-critical systems.
• Continuously verify identities and devices: Context-aware access controls and behavioral analytics detect anomalies early and automatically revoke access.
• Enable early detection and incident response: Continuous monitoring and adaptive controls shorten response time, contain breaches quickly, and minimize operational disruption.
• Secure third-party and supply-chain access: Attribute-based controls enable temporary, tightly scoped access for telehealth providers, labs, vendors, and payment partners.
• Protect the Internet of Medical Things (IoMT): Large hospitals can host thousands of IoMT devices—from patient monitors to HVAC systems. Network segmentation and device discovery are foundational to enforcing zero trust policies and isolating risks without disrupting care.
• Safeguard patient and organizational data: Granular permissions, encryption, and immutable backups limit ransomware impact and enable faster recovery.

Beyond protection, zero trust also supports operational continuity. By segmenting networks and controlling access at a granular level, healthcare organizations can maintain critical functions even during incidents—ensuring patient care continues uninterrupted.

Zero trust is not a product—it’s a journey. Booz Allen draws on decades of experience securing defense, intelligence, and health systems globally to help organizations translate zero trust principles into operational realities. Our approach unfolds across four practical phases:

1. Diagnose with contextual intelligence. We map architectures across clinical networks, enterprise IT, and IoMT environments to identify high-risk assets and trust boundaries. Lessons from the SingHealth breach reinforce our emphasis on identity hygiene, continuous monitoring, and device visibility.
2. Design architectures that bridge clinical, IT, and IoMT systems. We embed micro-segmentation, secure gateways, encrypted data flows, multifactor identity authentication, and role-based policies to enable secure collaboration across care providers and partners.
3. Develop roadmaps grounded in operational realities. Our Zero Trust Accelerator provides rapid assessments and phased roadmaps that prioritize high-impact improvements—such as identity onboarding, behavioral analytics, and network segmentation—without disrupting care delivery.
4. Deploy secure collaboration and data exchange. Attribute-based policies, encryption, and data tagging enable secure, auditable sharing of patient and operational data across healthcare ecosystems and third-party systems.

This mission-first approach helps healthcare organizations establish a software-defined perimeter and adopt flexible architectures—such as peer-to-peer mesh VPNs—that enhance resilience and scalability

Singapore’s Healthier SG initiative and the Health Information Bill are accelerating digital health adoption—and cybersecurity must evolve in tandem. Ransomware and phishing continue to rise in prevalence and sophistication, while zero-day exploits and supply-chain vulnerabilities amplify exposure. In this environment, zero trust is not just a cybersecurity framework—it’s an operational imperative.

By validating every access request, segmenting networks, and embedding least privilege into every workflow, healthcare providers can contain threats, ensure continuity of care, and protect both patient and organizational data. When combined with strong governance, workforce readiness, and modernized architecture, zero trust transforms cybersecurity from a compliance checkbox into a strategic enabler of trust and patient safety.

Booz Allen stands ready to partner with Singapore’s healthcare leaders—public and private alike—to chart this journey. By embracing zero trust today, the sector can strengthen resilience, secure its digital foundations, and safeguard the lives it serves.