The Healthcare industry experiences twice as many cyber attacks as any other vertical, and medical devices are becoming a favorite target of cyber criminals. In fact, attack vectors unique to medical devices now comprise two of the top 10 application vulnerability exploits in healthcare. As the number, types, and sophistication of connected medical devices grows, their attractiveness as an attack opportunity for cyber criminals will as well.
Connected medical devices are ubiquitous in hospital and other healthcare facilities, and their introduction into those environments is often haphazard, with little – if any – coordination with corporate functions like IT, facilities and procurement. Simply knowing which medical devices are in a given facility, their locations and critical model identifiers, firmware, network attributes and software versions – information critical to securing them from cyber attacks – is often an overwhelming challenge, if not practically impossible.
Several quality products – for example Medigate, Asimily, CyberMDX, CloudPost, and Zingbox - can scan networks and identify devices with vulnerabilities, creating a security “event” for a specific IP and MAC address. The event may be a) the identification of a device that has a vulnerability and needs to be patched, or b) has already been infected with Malware that requires immediate remediation.
However, in the case of connected medical devices, the security products have no way of knowing:
- What kind of device it is
- Where it’s located
- What department owns it
- Is a 3rd party required to address the issue or can in-house clinical engineers handle it
- The internal process needed to remediate it
Nuvolo closes this open loop and automates the process of effectively remediating security vulnerabilities by:
• Matching the device IP address and MAC address with the Nuvolo “single source of truth” asset database to identify the device type, model, serial number, owning department, and other information
• Generating a rules-based work order with remediation or patching details and the device’s location in the building
• Automatically assigning that work order to an appropriate clinical engineer, information security analyst or IT resource.
• Tracking the progress of the work order through close-out
• Identifying all other devices on the network with the same vulnerability, and automatically generating work orders to pro-actively patch or remediate those
By bridging the gaps between 1) the critical security insight provided by leading device security vendors, 2) a comprehensive, accurate asset database, and 3) automated remediation workflows, Nuvolo provides the mortar for an effective wall of security around increasingly ubiquitous - and targeted - connected medical devices.