A recent advertising campaign video shows a pretend bank robbery to make a point. One of the bank’s customers, lying face down on the floor, asks the security guard to do something. “Oh, I’m only a security monitor, I only notify people if there’s a robbery.” Clearly, there’s a gap in this bank’s security.
Similarly, with no historical cybersecurity mandate, gaps can occur in medical device cybersecurity. This is a problem for healthcare technology management (HTM) teams that must prioritize device resiliency, performance, and clinical safety. A single security event could impact any of these priorities.
There are clear gaps in medical device cybersecurity. These security gaps are made more complex because many HTM teams don’t have a single source of truth for their device inventory. Thus, when a “robbery” occurs, no one has a clear view into which device (“bank”) is affected or whether any other devices are impacted or at risk.
Notification is not enough
Medical device discovery and security vulnerability tools do an excellent job of scanning networks, identifying devices with vulnerabilities, and creating security notifications for them. They’re also able to provide useful information about the devices’ IP and MAC addresses and, in some cases, an assessment of the risk.
But just like the bank robbery example, notification is not enough. The HTM and security teams need a solution that provides more context and correlation for affected devices. Then they need to kick off a coordinated and orchestrated remediation process that scales to thousands of devices.
What’s needed is a way to connect the right people, processes, and technologies. This approach would include a centralized, trusted device inventory that integrates with device monitoring to provide context about a security event. A service management process would then kick off an automated and orchestrated remediation response.
Three Steps: Move from Monitoring to Response
Nuvolo OT Security enables HTM teams to move from monitoring to response for medical device security. It does this in a way that can be described in three steps:
- Easily Track Assets and Their Locations
- Quickly Identify and Match Vulnerable Devices
- Automate Remediation Processing
Step One: A Single Device Inventory
Nuvolo OT Security enables a comprehensive, accurate device inventory that uses a common data format, allowing you to easily track assets and their locations. Every time a medical device is purchased, provisioned, maintained, or retired, the inventory is updated via a mobile app or web-based tool. The device inventory becomes the single source of truth for all medical devices, making security event correlation accurate and fast.
Step Two: Intelligence Hub to Bridge the Gaps
Nuvolo OT Security creates an intelligence hub that integrates the inventory with medical device discovery and security vulnerability tools, bridging the gaps between the critical security insights these tools provide. This allows devices to be identified rapidly and correlated to vulnerabilities.
Step Three: Orchestrated Remediation
Nuvolo OT Security provides automated remediation workflows that generate rules-based work orders with remediation or patching details and the device’s location in the building. This workflow automatically assigns work orders to an appropriate clinical engineer, information security analyst, or IT resource and tracks the progress of each work order through completion.
Learn more about a single device inventory combined with device monitoring tools and a service management platform to achieve orchestrated remediation for security events.