Implementation of an NGFW at Bari First
Western Governors University
WGU Student
July 25, 2025
,Implementation of an NGFW at Bari First
A. Describe the security problem under investigation.
1. Explain the importance of the security problem, including background information and
the environment in which the problem exists.
Bari Assist is a small medical company with fewer than 500 employees and a home office
in McDonough, Georgia. Still, it provides virtual psychiatric evaluations to patients throughout
the United States.
The company’s background is that it provides psychiatric evaluations to patients considering
bariatric surgery, per their insurance requirements, to be covered by their insurance for the
surgery. These evaluations require medical information to be used, transferred, and stored. The
company currently has a traditional firewall close to its EOL date, which has been inadequate in
providing an effective security posture for the medical company’s patient information. Without
Bari Assist’s layered cybersecurity protocols in place, its patients’ medical information would
have been accessed and used maliciously via ransomware. Its cybersecurity team detected that
ransomware attempts have increased by over 30% within the last three months and have become
more sophisticated. A traditional firewall is unable to combat these threats. Implementing a new
generation firewall is essential to protecting the company’s tangible and intangible assets and
patient data.
2. Provide documentation related to the security problem demonstrating the need for a
solution, referencing applicable white papers or articles.
Ransomware has become an increasing threat to the American healthcare system due to
the industry’s various cybersecurity weaknesses. The American healthcare system and medical
businesses have traditionally had older cybersecurity practices, such as legacy systems, and often
,Implementation of an NGFW at Bari First
practice inconsistent cybersecurity protocols. Due to the older systems and lax cybersecurity
protocols, a healthcare company’s access to PHI and their unwillingness to let this information
be released, ransomware in the healthcare sector is a straightforward and profitable business for
cyber criminals.
The article,” US Healthcare At Risk: Strengthening Resiliency Against Ransomware Attacks,”
highlighted that in a 2024 report based on a survey of 402 healthcare organizations, it was found
that 67% of the organizations involved in the study experienced a ransomware attack in the past
year and 53% of them admitted to paying ransoms in 2024, up from 42% in 2023. The average
admitted ransom payment amounted to $4.4 million (US Healthcare at Risk: Strengthening
Resiliency Against Ransomware Attacks, n.d.).
3. Summarize each root cause of the problem in the identified environment where the
security problem is situated, including supporting evidence, if applicable.
Bari Assist’s CISO determined that there were three root causes of the ransomware at
Bari Assist, and they were identified as legacy software, interconnected systems, and the lack of
cybersecurity expertise at Bari Assist. The three root causes of the ransomware within Bari
Assist’s network will be individually examined below.
Legacy Software
, Implementation of an NGFW at Bari First
Bari Assist currently uses a traditional firewall with many security flaws, making it an easier
target for ransomware attacks. Traditional firewalls protect against known threats by filtering
network traffic according to established rules. However, modern ransomware can bypass these
firewalls by exploiting vulnerabilities, using social engineering techniques, or transmitting
through encrypted traffic that the firewall may not inspect. Bari Assist’s interconnected systems
—such as electronic health records, patient monitors, and telemedicine—increase the risk of
rapid, widespread cyberattacks.
Interconnected Healthcare Systems
Bari Assist employs interconnected solutions such as EHRs, patient monitors, and telemedicine,
which, if compromised, may enable attackers to propagate threats and disrupt operations on a
broad scale rapidly.
The interconnected nature of their healthcare infrastructure gives cyber criminals numerous
opportunities to exploit gaps within the network.
The key reason for the considerable ransomware threat against the healthcare industry is that the
sensitive and valuable data maintained by healthcare organizations—including PHI, financial
records, and permanent medical histories—is highly sought after on illicit markets, rendering
these entities prime targets for sophisticated and enduring fraudulent schemes.
Lack of Cybersecurity Expertise
Western Governors University
WGU Student
July 25, 2025
,Implementation of an NGFW at Bari First
A. Describe the security problem under investigation.
1. Explain the importance of the security problem, including background information and
the environment in which the problem exists.
Bari Assist is a small medical company with fewer than 500 employees and a home office
in McDonough, Georgia. Still, it provides virtual psychiatric evaluations to patients throughout
the United States.
The company’s background is that it provides psychiatric evaluations to patients considering
bariatric surgery, per their insurance requirements, to be covered by their insurance for the
surgery. These evaluations require medical information to be used, transferred, and stored. The
company currently has a traditional firewall close to its EOL date, which has been inadequate in
providing an effective security posture for the medical company’s patient information. Without
Bari Assist’s layered cybersecurity protocols in place, its patients’ medical information would
have been accessed and used maliciously via ransomware. Its cybersecurity team detected that
ransomware attempts have increased by over 30% within the last three months and have become
more sophisticated. A traditional firewall is unable to combat these threats. Implementing a new
generation firewall is essential to protecting the company’s tangible and intangible assets and
patient data.
2. Provide documentation related to the security problem demonstrating the need for a
solution, referencing applicable white papers or articles.
Ransomware has become an increasing threat to the American healthcare system due to
the industry’s various cybersecurity weaknesses. The American healthcare system and medical
businesses have traditionally had older cybersecurity practices, such as legacy systems, and often
,Implementation of an NGFW at Bari First
practice inconsistent cybersecurity protocols. Due to the older systems and lax cybersecurity
protocols, a healthcare company’s access to PHI and their unwillingness to let this information
be released, ransomware in the healthcare sector is a straightforward and profitable business for
cyber criminals.
The article,” US Healthcare At Risk: Strengthening Resiliency Against Ransomware Attacks,”
highlighted that in a 2024 report based on a survey of 402 healthcare organizations, it was found
that 67% of the organizations involved in the study experienced a ransomware attack in the past
year and 53% of them admitted to paying ransoms in 2024, up from 42% in 2023. The average
admitted ransom payment amounted to $4.4 million (US Healthcare at Risk: Strengthening
Resiliency Against Ransomware Attacks, n.d.).
3. Summarize each root cause of the problem in the identified environment where the
security problem is situated, including supporting evidence, if applicable.
Bari Assist’s CISO determined that there were three root causes of the ransomware at
Bari Assist, and they were identified as legacy software, interconnected systems, and the lack of
cybersecurity expertise at Bari Assist. The three root causes of the ransomware within Bari
Assist’s network will be individually examined below.
Legacy Software
, Implementation of an NGFW at Bari First
Bari Assist currently uses a traditional firewall with many security flaws, making it an easier
target for ransomware attacks. Traditional firewalls protect against known threats by filtering
network traffic according to established rules. However, modern ransomware can bypass these
firewalls by exploiting vulnerabilities, using social engineering techniques, or transmitting
through encrypted traffic that the firewall may not inspect. Bari Assist’s interconnected systems
—such as electronic health records, patient monitors, and telemedicine—increase the risk of
rapid, widespread cyberattacks.
Interconnected Healthcare Systems
Bari Assist employs interconnected solutions such as EHRs, patient monitors, and telemedicine,
which, if compromised, may enable attackers to propagate threats and disrupt operations on a
broad scale rapidly.
The interconnected nature of their healthcare infrastructure gives cyber criminals numerous
opportunities to exploit gaps within the network.
The key reason for the considerable ransomware threat against the healthcare industry is that the
sensitive and valuable data maintained by healthcare organizations—including PHI, financial
records, and permanent medical histories—is highly sought after on illicit markets, rendering
these entities prime targets for sophisticated and enduring fraudulent schemes.
Lack of Cybersecurity Expertise
