Healthcare systems face a clear and present danger stemming from the growth of connected medical devices and an expanding threat vector. The volume and severity of medical device cyber security threats is growing. The potential liability for the healthcare system includes adverse patient outcomes, brand risk, loss of service or revenue, ransomware demands and loss of patient data. To mitigate these threats, new inter-departmental processes and technology must be operationalized between IT, security and clinical engineering.
Healthcare systems generally have unreliable medical device inventory data. The absence of automated tooling forces the organization to rely on manual methods for device identification. The inherent inefficiencies of these process are compounded by the absence of a single, trusted system of record for medical device data. Manual device identification, untrusted data and disparate CMMS pose a material threat to the healthcare system.
A lack of comprehensive insight into vulnerabilities and threats, including updates from OEMs, alerts from security watchdog organizations and real-time threat activity is another crucial issue. Obtaining actionable data on vulnerabilities and threats, converting it into cyber security intelligence to understand risk and responding quickly with safeguards is a challenge.
Remediating a medical device cyber incident requires coordination across clinical engineering, IT and information security. The current state for most healthcare systems today is three organizations operating in silos with stand-alone tooling. This makes it challenging to collaborate on identifying and mitigating[RR1] a cyber security threat. Many times, the healthcare system is unable to take matters into their own hands to protect vulnerable devices and must wait for certified patches from the manufacturers.
Ordr and Nuvolo address these important challenges by providing a comprehensive medical device cyber security management capability that delivers:
· Consolidated medical device inventory for clinical engineering, IT and security
· Automated medical device identification
· Ongoing threat and vulnerability monitoring
· Enrichment of security incidents with contextual business and clinical data
· End-to-end security incident creation and orchestrated remediation workflow
· Microsegmentation to protect at-risk devices
· Auto-tracking of medical device utilization
· Instant visibility into the organization’s compliance posture
· Detailed audit trail of all security incidents from detection to remediation
By combining powerful inventory identification, intelligence and protection with a modern data, workflow and orchestration platform, the healthcare system will reduce medical device cyber security risk.
The integrated platform enables inventory identification and use of contextual data to inform security operations on the precise nature of a vulnerability or event. The contextual data, workflow and orchestration capabilities inform the remediation process, manage work, initiate compensating controls and support prioritization. The goal is to address a known vulnerability or active threats and then utilize native matching algorithms to auto-identify other at-risk medical devices within the inventory. Proactive measures are then taken to mitigate risk in advance of a threat, including implementing microsegmentation to protect devices. Clinical engineering, IT and security can now work collaboratively, to detect and respond to threats by eliminating traditional, time-consuming manual processes.
The combined solution provides an audit trail that allows for review of security event detection and compensating controls activity through to completed remediation. These capabilities allow the healthcare system to demonstrate compliance with internal security policies and support post-incident analysis for improved processes and collaboration.
Ordr develops IoT security and risk-reduction solutions that protect business-critical devices and systems. Ordr uniquely ties device identity with behavioral analytics so organizations can quickly spot security issues and implement precise controls to protect the environment.
For more information, visit: www.ordr.net
Nuvolo is revolutionizing medical device cyber security by innovating on ServiceNow, the world’s leading enterprise cloud platform. The company’s vision is to be the global leader in cyber security for enterprise operating technology, powered by a culture of innovation and a relentless commitment to customer service. Privately held and headquartered in N.J. with offices throughout the U.S. and internationally in London and Pune, India.