A Look at What’s Next for the Cybersecurity of Health Systems

Jonathan Langer

CEO and Co-founder

24 Jul, 2020 • 6 minutes read

How to achieve next-generation device safety and security protection

The Perfect Storm that Has Been Brewing in Cybersecurity for Health Systems

By 2025, approximately 68% of medical devices will be connected or connectable to health system networks. These connections open up all sorts of opportunities AND challenges. Each one of these devices simultaneously represents an occasion for healthcare providers to transform the delivery of patient care and attackers to infiltrate the health system networks. Each is a new attack vector; each is a potential entry point that needs to be defended.

And attackers aren’t going to wait. Hackers continue to target health systems with a ferocity unmatched by any other industry, as healthcare is often cited as the industry targeted the most by cyber criminals. Unfortunately, the chaos created by the global pandemic only seems to have increased the bullseye on healthcare’s back. We’ve seen a 150% increase in cybersecurity threats since the onset of COVID-19. A recent Forbes article attributes the “significant increase” to hackers trying to maximize profits.

Ironically, COVID-19 has, by many accounts, pushed telehealth adoption forward by a full decade, as health systems look to adapt to a world of physical distancing. This is creating a perfect storm, so to speak, for cybersecurity, with a growing attack surface and threat landscape converging to create a new reality that requires swift adjustments to a hospital’s strategies, best practices, and operational planning.

Don’t Forget About the Underlying Financial Pressures

During the brewing of this perfect cybersecurity storm, we’ve seen health systems, like everything and everyone else, be asked to do more with less. The increased downward pressure on operating margins that we’ve witnessed over the past years (U.S. hospital operating margins went down 39 percent from 2015 to 2017) has been further exasperated by COVID-19. It is estimated that U.S. hospitals will lose $200 billion in revenue due to COVID-19 by the end June 2020, with one report finding that 97% of health systems are losing an average of $2800 per case, with many losing between $8000 and $10,000 per case.

So, while health systems can’t afford to be hit by a successful cyberattack (the average healthcare breach costs health systems $6.45 million), they also can’t afford to put defensive measures in place that drain their operational resources. They need strategies and solutions that are smart and efficient. Ideally, the tools, technologies, and processes they put in place to manage and protect all their connected medical devices will lead to improvements in both their security stance and bottom line.

What’s Needed

We recently led a HIMSS session, “Next-Generation Cybersecurity: Safeguarding Connected Medical Devices,” where we discussed the unique challenges health systems and other provider organizations face when trying to protect all the connected and connectable medical devices in their clinical networks.

We then looked at the components that are needed for a comprehensive cybersecurity strategy to effectively protect healthcare operations today and going forward.

The foundation of this strategy is visibility into each and every device connecting to the network. The visibility must include granular details and insights into the device itself (e.g. its make, model, OS, embedded software, protocols, etc.), when it is connecting, where it is located, and what it is doing (who is it connecting to). This enables an accurate assessment of the risks a specific device poses to the operations of the health system, as well as any opportunities that may be available to increase the value of that device over its lifetime.

Visibility and insights at this level enable better risk mitigation, remediation, procurement, maintenance and utilization strategies that can improve the security, efficiency and financial health of the network. For example, utilization insights can drive capital planning decisions, reducing spending by redeploying underutilized devices and ensuring timely maintenance that can extend the useful life of an asset. To get more details on the systemized, closed-loop approach we recommend for managing and securing devices to reduce their risk and improve their overall performance, please listen to the HIMSS session here.

A Concrete Way Forward

We have been able to put the strategy we proposed in the HIMSS session into action for many hospitals around the country. We have seen how it can help hospitals adapt to changing pressures and provide some certainty during uncertain times.  A recent formal announcement of the partnership between TRIMEDX and Medigate describes how hospitals can benefit from our comprehensive, integrated approach. By merging the TRIMEDX CAM Advanced and CYBER Advanced solutions with Medigate’s real-time visibility, utilization data and threat/vulnerability detection, hospitals gain:

Advanced device details and real-time utilization insights

Discovering and precisely identifying every connected device on a clinical network, automatically, in real-time, through proprietary algorithms specifically built to identify devices and communication protocols. Utilization data, combined with national clinical asset benchmarks, provide objective data for health systems as they make decisions around replacing, upgrading, dispositioning or reallocating medical devices, leading to savings in operational and capital expense. Real-time insight into OEM responses to cybersecurity threats provide information that health systems can use to inform decisions around clinical assets and support contract negotiations.

Industry-leading threat detection

Providing device safety and security monitoring, threat detection and remediation in a closed-loop system that marries best-in-class industry expertise in both technology and people. Real-time monitoring of vulnerabilities, alerts, and recalls, as well as the detection of potential suspicious behavior ensures hospitals have an accurate picture of the risks within their network and can take appropriate steps to address.

Effective remediation

Identifying and proactively addressing threats, via patching, and mitigating risks through more efficient remediation workflows and compensating controls (when no patch is available). The implementation of clinically-vetted preventative and containment policies, via routers, firewalls and NACs, can be automated to speed defenses and reduce attack impacts. As a result, hospitals can efficiently manage their risks and maximize the value of their assets.

To see a demo of how our closed-loop approach can help you efficiently address the connected-device security and management challenges you are facing, please schedule here.

Post by Jonathan Langer, co-founder and CEO of Medigate, and Scott Trevino, senior vice president of product management for TRIMEDX

Jonathan Langer

CEO and Co-founder

24 Jul, 2020 • 6 minutes read

Threat Center

View the latest virus alerts and vulnerabilities and get tips on how to mitigate their risks