As more and more medical devices get connected onto the network to fuel the healthcare digitization journey, they become susceptible to cyberattacks based on device vulnerabilities, outdated and unpatched OS and software versions because they can’t be ‘simply’ secured with security agent or software patch. Adding a client agent or patch could affect their operation and in some cases its restricted due to regulations so it’s a huge limitation, especially in a healthcare setting.
There are thousands of medical device types, models, and modalities that are running on a multiplicity of operating systems and software versions. Each device has unique vulnerabilities that require special attention. Taking corrective security actions is a time and labor-intensive process.
Where do you start? What devices are at the greatest risk and need immediate attention?
CloudPost can make it fast and easy to understand your risk posture. It’s like waving a magic wand and suddenly getting the extreme risk clarity you need to know how and where to focus your risk mitigation efforts.
To get started you simply plug CloudPost’s ML/AI-powered technology into your network and it passively conducts an extremely fast and thorough medical device inventory and risk assessment. Our unique interrogation and analysis capabilities far exceed those of NAC identity-based systems as it works deep in the network flows and conducts a passive (clientless) inventory and risk discovery process for each device.
First, we uncover the manufacturer, type, model, modality, OS version, SW version, serial number, PHI data, location, and IP/MAC fields for every network-attached device. Then we subject it to continuous security analysis that identifies:
- Known vulnerabilities (we obtain data from NVD, ICS-CERT, FDA,, ECRI and other advisory databases) per medical device profile.
- Active vulnerabilities (we can periodically scan each device using probes optimized for medical devices)
- Active threats (we continuously monitor each device’s communication using built-in IDS and active threat intelligence feeds)
Within an hour you can have a detailed device risk report that’s weighted for device criticality and presented with NIST CVSS severity scoring. This gives the data you need to target the riskiest devices for mitigation and protective actions. CloudPost also provides a workflow models to manage risk reduction process as new devices get added to the network.
If this sounds interesting we’re offering a 2-week high-touch Inventory and Risk Scoring engagement in which we’ll help plan, install, review, and present a report on the state of your device risk at a single facility. Just sign up here.