Cybersecurity Solution Aims to Protect Medical Devices

Without the proper security, the plethora of IoT devices can leave hospital networks vulnerable to bad actors and ransomware attacks. Cybersecurity software that can assess all devices on the enterprise, determine risk levels, and present mitigation strategies can strengthen the network, safeguard patient privacy, and ensure regulatory compliance.

Image credit: CyberMDX Technologies

Securing hospital networks is paramount. Protecting patient health information, personal data, and financial information is critical. Maintaining privacy of patient information seems obvious, but with so many systems and devices on the network, hospitals are vulnerable to attacks from inside and out.

New edge technologies are improving patient care and relieving staff of unnecessary tasks. Internet of Things-based and connected medical devices increase patient care through continual monitoring, immediate alerts, collaborative consultation, and targeted treatments. However, those same devices are rarely accounted for in the same manner as other IT assets.

CyberMDX Healthcare Security Suite

Image credit: CyberMDX Technologies

Taking Control of Medical Devices

Intel® partner CyberMDX Technologies is helping healthcare facilities take control of their networks, and all the devices on them, connected or not. The New York City-based company, recently acquired by ForeScout Technologies, develops medical cybersecurity solutions that combine healthcare security and comprehensive asset management.

The CyberMDX Healthcare Security Suite encompasses a core software platform, control center software, advanced reporting software, and sensors, either in the form of hardware, software, or virtual appliances. The out-of-the-box solution operates on a single tenant cloud environment but can be upgraded to multitenant.

The solution searches the network to discover assets using layer 7 medical protocol capabilities and artificial intelligence. The software continually checks for new devices and can locate assets hidden behind firewalls and serial gateways. It looks beyond the network layer to determine on-device and on-perimeter risk levels as well. The sensors perform deep packet inspection on network traffic and report metadata and events to the core software; sensitive patient data remains on the customer network.

Risk Assessment and Custom Security

The CyberMDX core software then performs a risk assessment of each device based on its known exposures, potential for attack, and operational significance. The software can create AI-based security access and enforcement policies for each device. It can isolate devices, further restricting access to authorized nodes if needed. It uses AI and rule-based attack detection to identify threats in real-time.

Operators can view vulnerabilities and potential risks as well as operational analytics through dashboards and detailed reports. CyberMDX will suggest mitigation and remediation tactics, and operators can use AI-based simulations to determine the best course of action. It tracks which actions have been taken and which still remain. Other reports detail utilization data for imaging and infusion pumps, so healthcare facilities can optimize equipment usage and capital investments.

CyberMDX Healthcare Security Suite dashboard

Image credit: CyberMDX Technologies

Metro Health Insights

University of Michigan Metro Health has 26 locations and deployed CyberMDX to gain more granular information about its network. The healthcare provider wanted detailed information about the devices across the entire enterprise. CyberMDX provided insight and has enabled the healthcare organization to focus on hardening the network.

After finding each device on the network, CyberMDX identifies it based on location. Displaying “second floor, hospital” along with the IP address makes it easier for Metro Health to locate and tackle problem areas. It also can identify unmanaged devices, including embedded devices on different operating systems, and supports the Cisco Identity Services Engine, which was a key factor for Metro Health.

CyberMDX can ascertain the patching level of each device and determine which devices have protected health information (PHI). The software generates dynamic access control lists, enabling network operators to develop macro and micro segmentation where needed. With CyberMDX, Metro Health can protect its assets, while ensuring security and compliance across all departments.