Zingbox IoT Guardian is the industry’s first and also the most widely deployed security and analytics platform. From its launch in 2014, we have taken a wholistic approach to device lifecycle management when securing and managing connected medical devices.
In my recent interview with LifeBridge Health Senior Vice President and Chief Information Officer Tressa Springmann and IT security analyst Mike Hardesty, they reflect on the state of clinical and biomedical device security, the challenges they face, the trends they see occurring in the cyber security industry, and how they are developing and consistently applying best practices in the rapidly changing threat landscape.
A few of the points they make during their interview:
- Network-connected medical devices add more layers of complexity than traditional IT devices in terms of lifecycle management; that is, the management of device inventory, patches, upgrades, changes, and device retirement. Securing the connected medical devices requires a broad strategy that includes not only tools but also people, processes, and technologies.
- Connected medical devices have unique challenges because they are hooked up to patients, they might not immediately have patches available to respond to threats, and the organization might not have a budget to upgrade them. Securing these devices sometimes involves isolating them in their own VLAN and enforcing access control to only those who require access.
- Mergers and acquisitions introduce new cyber risks to an organization, come with disparate monitoring and management tools, and disperse knowledge from a centralized security team to various groups and individuals scattered throughout the organization.
- As the cyber security industry matures, it is evolving from silos of individual tools to collaborative platforms that offer plug-and-play integration with multiple tools. By coordinating data from various sources, such integrated solutions provide many benefits. They can quickly synthesize data from all endpoints, give the security team complete context around devices, report normal and anomalous device behavior, provide enriched visibility of the entire threat surface spanning an expanded IT landscape, and deliver comprehensive threat management.
Watch the full interview titled “Securing Connected Medical Devices – A Practitioner’s View” on the HIMSS website.