Presentation is loading. Please wait.

Presentation is loading. Please wait.

Securing Internet of Medical Things

Published byStephanie Robertson Modified over 7 years ago

Similar presentations

Presentation on theme: "Securing Internet of Medical Things"— Presentation transcript:

1 Securing Internet of Medical Things
Manish Rai VP Marketing December 2nd, 2016

2 Internet of Medical Things (IoMT): $163B by 2020, 38% CAGR
10-15 Device per Bed ~50% Networked Bio Medical Devices and IoT Growth expected to be $117 Billion by 2020 Marketresearch.com Expected to save Patients, Providers, and Payers Billions of Dollars in Asthma Alone Goldman Sachs Roughly 15 Devices per bed FDA Mandates devices are connected to the network Bad guys practicing on their own purchased models Networks increasing in size and creating larger attack surface Source: Markets and Markets, Oct 2015

3 A Glimpse into the Numbers
Healthcare Continues to Be The Top Target for Criminals A Glimpse into the Numbers 72% 40% YoY Increase in Healthcare Cyber Attacks Malicious traffic targeted at Healthcare Providers APT-Nation State Types of Cyber Criminals Script Kiddies-The most basic and least skilled attackers Hacktivists-Politically Motivated Cyber Criminals-Stereo Typical Attacker Looking to make Money Nation State Attackers-Sponsored Groups to launch extensive cyberwarfare The Numbers 72% of malicious traffic targeted Healthcare Providers Healthcare Cyber Attacks increase 40% YoY KPMG 2015 Healthcare Survey states 81% of people revealed one or more of their systems was compromised within the last year 81% of healthcare providers have revealed one or more systems have been compromised Source: KPMG 2015 Healthcare Survey

4 Researches Have Been Highlighting IoMT Vulnerabilities
MRI Device Hacked to Access Patient Information Researcher “was able to hack into the hospital's network with ease – and permission – after finding vulnerable medical devices listed on Shodan.”-International Business Times, Feb Data vulnerable from Bio-Medical Devices Images X-Ray CT MRI Ultrasound Waveforms ECG BP EEG Demographic Information Vital Signs Heart Rate Pulse OX Respiration Temperature Alarm Parameters Drug Type & Dosage Control and Configuration Settings Infusion Rates Therapy Timers Anesthesia Radiation Delivery Settings Laboratory Results Sounds from blood flow and respiration “In further example, during his tenure as Vice President, it was discovered that Al Qaeda operatives were attempting to compromise Dick Cheney’s pace maker by exploiting an unsecured Bluetooth connection.”-ICIT Infusion Pump Hacked to Administer Fatal Drug Dose Security Professionals “showed how easy it is for hackers to take control of a hospital drug infusion pump by overwriting the device’s firmware with malicious software. The hack would allow someone to remotely administer a fatal drug dose to patients.” Aug 12, 2015

5 Reasons for IoMT Vulnerabilities
7-8 year device development life cycle Devices built for patient safely not security Use of outdated OS with known vulnerabilities Ltd or no patching capability No support for 3rd party security agent Till recently, limited regulatory focus on security Unencrypted communication Insecure Medical Devices EoL Operating Systems Devices have a 7-8 year life cycle OS & Software are baked in years prior to release Unsecure Bluetooth of Wifi Connections Who purchases Typically 15 per bed Attackers are infecting medical devices with malware and then moving laterally through hospital networks to steal confidential data, according to TrapX’s MEDJACK report. (2015)

6 2016 HIMSS Cybersecurity Survey: Greatest Areas of Vulnerabilities
Top 5 Greatest Areas of Vulnerabilities (1-7 on a Likert-type scale) (5.00 acute, 5.30 non-acute) Mobile devices (4.81 acute, 4.72 non-acute) Internet of Things (4.79 acute, 3.56 non-acute) Other End User Devices (4.42 acute, 4.30 non-acute) Network (4.17 acute, 4.07 non-acute)

7 2016 HIMSS Cybersecurity Survey: Information Security Tools
Low Rates of Implementation: Network monitoring tools (54.6% acute, 45.2% non-acute) Mobile device management (56.3% acute, 35.5% non-acute) Intrusion detection system (57.1% acute, 41.9% non-acute) Intrusion prevention system (49.6% acute, 41.9% non-acute) Data loss prevention (38.7% acute, 25.8% non-acute)

8 Identify Gaps & Update Processes
IoMT Security Framework Determine Scope Inventory IoMT Device Determine Vulnerabilities Categorize Based on Risk Identify Gaps & Update Processes Procurement Deployment Monitoring Migration Plan Plan & Policies Insecure Medical Devices EoL Operating Systems Devices have a 7-8 year life cycle OS & Software are baked in years prior to release Unsecure Bluetooth of Wifi Connections Who purchases Typically 15 per bed

9 #1 Inventory of Authorized and Unauthorized Devices
IoMT Security Framework: Identify Scope ! Inventory type, usage and location of each medical device ! Determine know vulnerabilities in each device type (OS, patching, default settings, etc.) ! Score Device Risk Based on type, use, location and data transmitted #1 Inventory of Authorized and Unauthorized Devices Maturing Security Program (automated processes – patching, real time device detection, device monitoring devices lifecycle management) A. Understanding of your network (Asset Inventory, Network flows and diagrams) B. Actively Monitoring Networked Devices C. Incident Response Program (SANS Stats from survey – average response time was 6+ hours per device; breach to discover – 253 days * check stat)

10 IoMT Security Framework: Identify Gaps & Update Processes
Procurement: Collaboration between IT & Biomedical Add security assessment as a key criterion Deployment: Segmenting devices based on risk Monitoring: Process continuous monitoring and assessment Migration Plan: Process of replacing high risk devices According to SANS Institute, 50% + of incident response takes over 3 hours per endpoint. Endpoint Security Report Security Awareness Security awareness training; internal ee training (33% of data breaches internal? Need to find stat.. Phishing; Social Engineering) Board education… regular risk assessment and gap analysis ?? Penetration Testing/Vulnerability Scanning (Web applications – knowing where your vulnerabilities are) Regulations & Compliance (PCI, HIPPA)

11 10+ $1B+ 100% 20MM+ Great Bay Software: Company snapshot
Years Experience Securing Enterprises Beacon Product Suite 5th Generation 10+ 200+ Customer Installations $1B+ Investment Fund Backed 100% Implementation Success Rate Subscription Pricing Model 20MM+ Devices Secured Experienced Management Team

12 IoT / Biomedical Device Connection Security
Great bay vision SEE Visibility Real-time Discovery Comprehensive Profiling Every Network Monitoring Identity Behavior Location IoT / Biomedical Device Connection Security ACT Enforcement Alert Quarantine Block Onboarding Authenticate Device Onboard Automatically Segment

13 Enhanced SECURITY, MANAGEMENT & OPERATIONS
DNS & DHCP NAC ATD SNMP Traps & Polls, IP Helper EPP/EDR IoT and Biomedical Device Warehouse of Context Wireless Controllers MDM IoT Gateway NetFlow / JFlow Management Port Mirroring / SPAN Asset Management Active Directory & Radius Accounting Integrations: MDM, NAC, etc. Security Ops Operations Ingests and Correlate Hundreds of Endpoint Attributes from Dozens of Data Sources Industry’s Most Accurate Artificial Intelligence Expert System-Based Profiling Engine Leverages 1,400+ Pre-Built Device Profile

14 UNIQUE ARTIFICIAL INTELLIGENCE EXPERT SYSTEM-BASED BEHAVIOR MONITORING
Detects and Flags Unusual Changes in Identity, Location and Behavior Identity Location Behavior Detect Network Intrusion MAC Spoofing Rouge AP Rouge Device Vulnerable Devices Unauthorized Access 9100, 515, 80, 443 New York San Francisco FTP (21) SSH (22), Telnet (23) Only Vendor with Device (not User) Centric Behavior Monitoring Prepares you for Estimated 25% of Breached Expected to Involve IoT/Unmanaged Devices by 2020

15 Case Study Problem: Beacon Endpoint Profiler Solution: Result:
Securing Medical and Unmanageable Devices Solution: Beacon Endpoint Profiler Real-time identification of 100% of the medical and unmanaged devices Automatically on-boards the device by establishing profile-based trust Accelerate incident response by pinpointing the exact real-time location of the device Result: Need to rework the layout…. 7,600 endpoints authenticated (100% of medical and unmanaged devices) Savings of 2 FTEs Real time device visibility and behavior monitoring Regulatory Compliance (HIPPA, PCI)

16 Questions? Manish Rai VP of Marketing Great Bay Software

Download ppt "Securing Internet of Medical Things"

Similar presentations

© 2013 Bradford Networks. All rights reserved. Rapid Threat Response From 7 Days to 7 Seconds.

© 2013 Bradford Networks. All rights reserved. Rapid Threat Response From 7 Days to 7 Seconds.
Www.accessdata.com Digital Investigations of Any Kind ONE COMPANY Cyber Intelligence Response Technology (CIRT)

Digital Investigations of Any Kind ONE COMPANY Cyber Intelligence Response Technology (CIRT)
Wireless Network Security

Wireless Network Security
VULNERABILITY MANAGEMENT Moving Away from the Compliance Checkbox Towards Continuous Discovery.

VULNERABILITY MANAGEMENT Moving Away from the Compliance Checkbox Towards Continuous Discovery.
Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec

Security Risk Management Marcus Murray, CISSP, MVP (Security) Senior Security Advisor, Truesec
Norman SecureSurf Protect your users when surfing the Internet.

Norman SecureSurf Protect your users when surfing the Internet.
NUAGA May 22, 2014.  IT Specialist, Utah Department of Technology Services (DTS)  Assigned to Department of Alcoholic Beverage Control  PCI Professional.

NUAGA May 22,  IT Specialist, Utah Department of Technology Services (DTS)  Assigned to Department of Alcoholic Beverage Control  PCI Professional.
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.
Www.softwareassist.net Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.

Protecting Mainframe and Distributed Corporate Data from FTP Attacks: Introducing FTP/Security Suite Alessandro Braccia, DBA Sistemi.
What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.

What Keeps You Awake at Night Compliance Corporate Governance Critical Infrastructure Are there regulatory risks? Do employees respect and adhere to internal.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.

Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
© 2015 ForeScout Technologies, Page 2 Source: Identity Theft Resource Center Annual number of data breaches Breaches reported Average annual cost of security.

© 2015 ForeScout Technologies, Page 2 Source: Identity Theft Resource Center Annual number of data breaches Breaches reported Average annual cost of security.
GSHRM Conference Cyber Security Education Shri Cockroft, CISO Piedmont Healthcare, Inc. September 21, 2015.

GSHRM Conference Cyber Security Education Shri Cockroft, CISO Piedmont Healthcare, Inc. September 21, 2015.
Ali Pabrai, CISSP, CSCS ecfirst, chairman & ceo Preparing for a HIPAA Security Audit.

Ali Pabrai, CISSP, CSCS ecfirst, chairman & ceo Preparing for a HIPAA Security Audit.
Ali Alhamdan, PhD National Information Center Ministry of Interior

Ali Alhamdan, PhD National Information Center Ministry of Interior
Network security Product Group 2 McAfee Network Security Platform.

Network security Product Group 2 McAfee Network Security Platform.
HO20110473 1 © 2012 Fluor. All rights reserved. Quick Wins in Vulnerability Management Classification: Confidential Owner: Michael Holcomb Approver: Phil.

HO © 2012 Fluor. All rights reserved. Quick Wins in Vulnerability Management Classification: Confidential Owner: Michael Holcomb Approver: Phil.
FFIEC Cyber Security Assessment Tool

FFIEC Cyber Security Assessment Tool
IPv6 security for WLCG sites (preparing for ISGC2016 talk) David Kelsey (STFC-RAL) HEPiX IPv6 WG, CERN 22 Jan 2016.

IPv6 security for WLCG sites (preparing for ISGC2016 talk) David Kelsey (STFC-RAL) HEPiX IPv6 WG, CERN 22 Jan 2016.
Enterprise Mobility Suite: Simplify security, stay productive Protect data and empower workers Unsecured company data can cost millions in lost research,

Enterprise Mobility Suite: Simplify security, stay productive Protect data and empower workers Unsecured company data can cost millions in lost research,

Similar presentations

Ads by Google