Nuvolo OT Cyber Security Protects Medical Devices, Coordinates Response
Cyber security is a top-of-mind concern for healthcare organizations, especially when it comes to the medical devices that support patient care. In recent years, the vulnerability of connected infusion pumps and patient monitors has been exposed by high-profile ransomware attacks , such as WannaCry, and experts say the risks will grow as Operational Technology (OT) devices (e.g. Medical Devices, Laboratory Devices and Facilities Devices) proliferate.
To address these complex cyber security needs, Connected Workplace provider Nuvolo has introduced its OT Cyber Security solution to identify and remediate vulnerabilities in OT devices.
The solution also coordinates the remediation process among key business lines (clinical, IT, and facilities operations) to improve efficiency and keep all stakeholders informed.
Medical Devices have always been key focus for Nuvolo. Its popular Connected Workplace solution, built on the ServiceNow platform, offers hospitals a centralized view of reported issues and scheduled maintenance across support teams, creating “an 'Amazon-like' experience in the workplace to consolidate support and deliver an amazing customer experience," according to Ben Person, VP of Product Marketing for Nuvolo.
→ Healthcare IT Leaders is a Nuvolo Elite Partner. Read the News Release
OT Cyber Security is a natural extension of Nuvolo’s core solution, offering a coordinated, centralized management solution for OT and IT security use cases.
“Cyber security is a major concern. It’s pervasive event management and vulnerability management, but it doesn’t need to be complicated,” said Person.
Automated Remediation of Security Threats
Connecting the dots between OT Security and IT Security is critical, according to Person, because many organizations are focused principally on IT use cases, such as network attacks. But IT-centric scanning and monitoring systems may not necessarily identify whether an affected device is a medical device or tell organizations where the device is, or if a patient is currently connected to the device. Absent this information, acting on an alert often requires sending a Clinical Engineer out to physically locate the device for remediation.
“That’s a very manual process oriented around time-consuming human intervention. All while data is leaving the network or a device is being taken over and patient safety is compromised,” Person said. “It’s a major risk for hospitals.”
OT Cyber Security enables organizations to identify threats and automate remediation in their mission-critical, non-IT devices. Security alerts are identified through integrations with partners such as Cynerio, Medigate, Asimily, Ordr, Cyber MDX, Palo Alto Networks and ServiceNow Security Operations. These alerts are fed into the Nuvolo Intelligence Hub, which includes a database of a hospital’s entire set of devices and details – including...