Alert: Tracking exposed OT/ICS: 2017 – 2024

Ornamental dots. Two rows of three dots. The top row is a light blue. The bottom row is one light blue dot followed by two orange dots. Blog

A Healthy Hospital is Founded on 5 Key Cyber Principles

Amy De Salvatore, Vice President of Worldwide Alliances | March 5, 2020

Today, running a healthy hospital means much more than curing diseases and fixing broken bones. It also means making sure the underlying technology is strong and secure enough to support those operations.

Hospitals, clinics and other healthcare organizations are adding more connected devices to their networks than ever before. These devices add significant benefits, like the increased ability to monitor patients with real-time results from medical scans.

But these connected devices also introduce new cybersecurity risks. Attacks on healthcare organizations jumped 60% in 2019 over the year before. According to some metrics, attacks are expected to cost $4 billion in 2019. Ransomware attacks, in particular, devastated hospitals around the world last year, leaving them without access to patient records and putting ongoing patient care at risk.

Healthcare organizations pose unique challenges that need to be addressed in order to protect them effectively. For example, they have an increasing diversity of devices across both Internet of Medical Things (IoMT) and more traditional IT. Many of these devices also rely on legacy operating systems, like Windows XP and Windows 7, which no longer receive ongoing security updates or can require downtime to upgrade. Finally, many healthcare organizations lack network segmentation strategies, which would limit the spread of malicious malware across flat networks.

Just like diagnosing an illness, having a healthy hospital starts with a full understanding of the hospital’s cyber risk profile or symptoms of concern. To do that, an organization should consider some basic health check questions. For example:

  • Do we know ALL the devices on our network, and have we assessed their security posture?
  • Are we confident that all medical devices are compliant with industry regulations and can be managed without affecting patient services?
  • Is our network running at peak operational performance?
  • Are we controlling access to all network environments?
  • Is our network segmented properly?
  • Can we detect and respond rapidly to anomalous behavior?

Forescout’s new strategic partnership with Medigate recognizes these questions and provides a solution by pairing Forescout’s unparalleled device visibility and control across IT, IoT and operational technology (OT) with Medigate’s detailed medical device profile information, precise classification, policy creation and clinical workflow insight. The powerful combination of Medigate and Forescout enables hospitals to automatically enforce granular network access control, segmentation and other compliance policies. Forescout extends these capabilities across all other connected devices in the health delivery organization, as well as the full enterprise-wide heterogeneous network environment, including IT, clinical, IoT, OT, as well as wired, wireless and cloud. The result is a cohesive, centralized device visibility and control platform.

Hospitals also require maximum network and device uptime and reliability in order to ensure continuous, quality patient care. Improving overall cybersecurity health is an important part of addressing this requirement. But security advancements should be able to be added without the need to completely redesign or replace current network infrastructure or negatively affect critical operations, especially those that could impact patient care. Forescout and Medigate together make this possible by enabling customers with continuous, contextual network and device intelligence to drive the right policy-based actions to control network access and mitigate threats without network disruption.

To gain further performance improvements without impacting cybersecurity protections, Forescout is partnering closely with Arista Networks, a leader in high-performance, easy-to-manage cognitive networking solutions. Arista’s cloud-based network infrastructure ensures uptime, availability and visibility of critical clinical applications while prioritizing and optimizing network access to these applications. The solution fits seamlessly with the advanced security foundation provided by Forescout and Medigate.

Health Hospital 5 Key Principles

The combination of Forescout, Medigate and Arista helps foster a healthy hospital that is founded on these five key principles. With a solid foundation, healthcare delivery organizations can optimize the digital delivery of patient services and still maintain strong protection against cyberthreats. That way, they can focus their attention on what really matters: high-quality patient care.

Join Forescout, Medigate and Arista for a webinar on May 20th as we discuss becoming a Healthy Hospital to improve and protect patient service delivery. Contact us at [email protected] to learn more about how our integrated solutions can best help you.

Demo Request Forescout Platform Top of Page