Back to Blog

What is Medical Device Security?

Jun 24, 2020
By Tony Bailey

Healthcare teams use medical devices to diagnose or treat people to help them overcome injury or sickness. With longer life expectancy, there is more demand for medical devices that generate additional data. These devices are connected to networks so that healthcare teams can better monitor patient health. For example, CT (Computed Tomography or CAT) or MRI (Magnetic Resonance Imaging) machines may upload imaging files for doctors to review patient results. And device makers might use a network connection so they can perform remote maintenance.

The global market for medical device technologies is predicted to reach $674.5 billion by 2022 (ReportLinker).  When these devices are connected to the network, they represent a security challenge.  IT security solutions are not applicable to medical devices. For example, IT focuses less on device resilience, yet makes security a priority. And IT and the clinical engineers supporting the medical devices tend to speak a different language. Combining these differences with the fact that attackers are looking at new entry points into a business, makes for real threats to a healthcare business.

A recent Palo Alto Networks report stated that 83% of internet-connected medical imaging devices such as MRI machines are open to attack.  According to Gartner, by 2020, the number of medical devices requiring security hardening by a healthcare provider will increase by 45%.  And, recently 465,000 pacemakers were recalled on hacking fears by the FDA. It was determined that security vulnerabilities could put patients’ lives at risk.

One of the biggest challenges for medical device security is identification. When a device security event occurs, the security team see an IP and MAC address that’s affected. They know it’s not an IT device such as a server, laptop, or printer. But they don’t know exactly what it is.  When this happens, there’s the risk of the wrong response, such as unplugging a medical device. In an industry such as healthcare, it is critical that only an authorized clinical engineer is dispatched to remediate the device. A patient’s health, patient health information, or a medical procedure might be at risk.

To address this challenge, there needs to be a way to discover device information and enable clinical engineers to enrich the data.  This medical device inventory acts as the single source of truth that gets an update when the healthcare team gets a new device, or during routine maintenance.

The inventory can contain device make, model, location, department, usage, serial number, latest software version, and maintenance steps. But beyond device discovery and enriched device data, there must be a single orchestration, automation, and response platform and system of record where the inventory and security events data can be ingested. This system of action platform, which is used by the security, IT, and clinical device engineer teams allows rapid remediation of security events.

When a security event takes place, the security team can see the full context of the device. They’ll know who the device owner is and what remediate process must be followed so a work order can be dispatched to the clinical engineer or service providers field technician.  And the work order process can be tracked so that security, IT, and the device engineers are kept aware of the remediation status.

Nuvolo OT Cyber Security solves the problem of quickly remediating medical device security events. That’s because Nuvolo becomes the system of record. In the case of healthcare, that’s for all the medical devices. Nuvolo will ingest security information, match up the device’s IP and MAC address, and fully contextualize it with things like the device usage, what PHI data the device is storing or accessing, and device maintenance records.

Nuvolo’s OT Cyber Security platform, when integrated with real-time monitoring systems provides the security and service management teams shared visibility into device posture. The integrated platform also automates remediation related workflows to reduce cyber security risk. In pioneering the industry’s first OT cyber security platform built on ServiceNow, Nuvolo helps customers achieve better product, facility, and patient safety while protecting critical infrastructure.

 

3rd Party Partner Integrations

Generate security alerts for issues identified by real-time monitoring systems.

 

 

 

 

To learn more:  Watch an on-demand demo of Nuvolo OT Cyber Security