The Emerging Risk

The healthcare industry is improving employee productivity and the patient-care experience by deploying Internet of Things (IoT) devices. These devices include medical equipment (MRI machines, infusion pumps, CAT scanners, vital sign monitors, etc.), mobile devices, wearables, implantable gadgets, radio links, time clocks, streaming devices, IP cameras, smart door openers, network-attached storage and more.

So, what new risks are brought on by these new productivity and patient-care improvements?

IoT devices exponentially increase the cyber-attack surface, especially as vendors and bring-your-own-device policies add new and unrecognized assets onto a healthcare provider’s network. Thus, many organizations (1) are not aware of their IoT assets, (2) lack the ability to monitor and manage the assets and (3) do not understand the changes required to cyber security policies for IoT.

Business Impact

IoT carries the common risks (devices being used to obtain user credentials, trade in black markets, create botnets used in denial-of-service attacks, execute click fraud, send spam mail, obfuscate network traffic and even commit sabotage), and now there is patient safety to consider as well. Hacks into pain-management pumps, remotely managed pacemakers and insulin pumps have all been in recent news and are predicted to be just the beginning of patient-health IoT breaches in healthcare.

The attack surface has increased; the stakes are higher, and organizations must adapt.

I should be asking, and I should be hearing

  • Identification. Do you have a validated asset list with levels of associated criticality attached? What is the process for asset validation?

Yes, all newly deployed assets must first be done with xx Security Operations Center routinely scans for rogue assets,

  • Prevention. Have you implemented considerations posed by the National Institute of Standards and Technology (NIST)?

Yes, we have documented and provided enterprise-wide training for IoT risk and mitigation challenges; we have adjusted organizational policies and processes and implemented updated mitigation practices.

  • Prevention. What are the good-hygiene cyber security methods in place today?

Examples of our in-place processes to ensure cyber security include: real-time monitoring and patch management; devices reboot on a schedule to eliminate any possible malware stored in memory; antivirus is up to date; configuration checklists are applied to all assets at least once per year (e.g. two-factor authentication, restricted network access, least-role access, changing the default admin password); user access is validated annually; the network firewall prevents access from all unnecessary IP addresses; IoT devices are segregated from all other networks; and security training happens at least once per year for all employees.

  • Detection. What methods are employed to detect IoT compromised assets?

We monitor for spikes in internet use, degradation of network performance and unusual outgoing traffic. This is monitored by using OT scanners, passive network scanners and machine log aggregation. Data are fed into a Security Information and Event Management (SIEM) tool where analytics are applied and monitored by our Security Operations Center (SOC).

  • Remediation. How are rogue assets dealt with?

The SOC team will identify assets on the network which are not on the registered assets list and determine the physical location of the asset. After physical inspection, the SOC team will work with the business staff to either onboard or remove the asset from the network.
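The checks described in the Detection and Remediation answers can be expressed as a reconciliation of passive-scan observations against the registered asset list. The following is an added example, not code from the original brief or from Fortress; the MAC addresses, segment names, switch ports, traffic figures and thresholds are all constructed assumptions.

```python
from statistics import mean, pstdev

# Constructed registered-asset list: MAC -> (name, criticality, home segment)
REGISTERED = {
    "00:1a:2b:00:00:01": ("infusion-pump-12", "high", "iot-clinical"),
    "00:1a:2b:00:00:02": ("ip-camera-lobby", "low", "iot-facilities"),
    "00:1a:2b:00:00:03": ("mri-console-2", "high", "iot-clinical"),
}
# Constructed passive-scan output: (MAC, segment seen on, switch port,
# outbound KB per hour, oldest first)
OBSERVED = [
    ("00:1a:2b:00:00:01", "iot-clinical", "sw3/14", [40, 42, 38, 41, 39, 40]),
    ("00:1a:2b:00:00:02", "iot-facilities", "sw1/02", [900, 880, 910, 905, 890, 5200]),
    ("00:1a:2b:00:00:03", "corp-lan", "sw2/07", [120, 118, 125, 119, 121, 122]),
    ("de:ad:be:ef:00:99", "iot-clinical", "sw3/22", [10, 12, 11, 9, 10, 11]),
]
# Unregistered devices are triaged first because nothing is known about them.
RANK = {"unknown": 0, "high": 1, "medium": 2, "low": 3}

def is_spike(samples, sigmas=3.0, min_rel=0.5):
    """True if the newest sample stands out from the earlier baseline."""
    baseline, latest = samples[:-1], samples[-1]
    if len(baseline) < 3:
        return False  # too little history to judge
    mu = mean(baseline)
    # Require a statistical and a relative jump, so a flat baseline
    # (sigma near 0) does not alert on a tiny change.
    return latest > mu + max(sigmas * pstdev(baseline), min_rel * mu)

def triage(registered, observed):
    """Return (mac, criticality, finding, detail) tuples, most urgent first."""
    findings = []
    for mac, segment, port, outbound in observed:
        asset = registered.get(mac.lower())
        if asset is None:  # not on the registered list: rogue asset
            findings.append((mac, "unknown", "rogue", f"locate via port {port}"))
            continue
        name, criticality, home = asset
        if segment != home:  # device has left its segregated network
            findings.append((mac, criticality, "segment-violation",
                             f"{name} seen on {segment}, expected {home}"))
        if is_spike(outbound):  # unusual outgoing traffic
            findings.append((mac, criticality, "outbound-spike",
                             f"{name} latest {outbound[-1]} KB/h"))
    return sorted(findings, key=lambda f: (RANK[f[1]], f[0]))

if __name__ == "__main__":
    for finding in triage(REGISTERED, OBSERVED):
        print(finding)
```

The switch port in a rogue finding is what lets the SOC determine the physical location before deciding whether to onboard or remove the asset.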

Connect with us

 

Talk with Fortress today about how to manage risk and get better performance and compliance across your enterprise! Set up an appointment to speak with a representative.

 

189 S Orange Ave #1950, Orlando, FL 32801

407.573.6800

sales@fortressinfosec.com



COPYRIGHT © 2019. FORTRESS INFORMATION SECURITY. ALL RIGHTS RESERVED.
