Saul Marquez, Host at Outcomes Rocket Podcast

Protecting Medical Devices from Cyber Attacks

Tuesday July 20th 2021

Protecting Medical Devices from Cyber Attacks

medical devices


Healthcare has advanced technologically in treatment, care, and disease control, but it still has a long way to go when it comes to cybersecurity. Unfortunately, it is a favorite target of hackers because of its inherent blindspots from its sophisticated machines and stored data like financials and patient information.


In 2020 alone, the HIPAA Journal reported an increase of 45% in attacks against the healthcare industry globally. According to the report, the industry is being actively targeted by threat actors to infect the system with ransomware. 


There have been many high profile breaches over the past year including an incident in which the computer systems across Universal Health Services’ 400 locations failed over a weekend in September 2020 and the more recent Scripps Health Outage which has sparked a series of lawsuits against the healthcare provider. 


This barrage of cybersecurity incidents is alarming, especially considering the danger it poses to patients’ health. Though many healthcare organizations have adopted or improved security measures, there are still gaps in other safeguards. Fortunately, there are already health-focused cybersecurity solutions that offer comprehensive and end-to-end cybersecurity protection like CyberMDX. 


Securing Healthcare Networks For Quality Care Delivery


CyberMDX is a leading healthcare cybersecurity provider. Its mission can best be described by its tagline – “we protect the things that protect human lives.” Founded in 2017 by Amir Magner and Moti Schniberg, the company is headquartered in New York City, with Product & R&D operations in Tel Aviv.


CyberMDX offers a unique solution that brings together the clinical network with the IT network.


Built from the ground up for healthcare delivery organizations, the solution – The CyberMDX Healthcare Security Suite – offers a  comprehensive suite of capabilities to help hospitals discover, detect, and defend against potential cyber-attacks across all networks and devices.


The CyberMDX Healthcare Security Suite delivers deep visibility of all connections and devices. The continuous, real-time discovery of IoT and medical devices offers accurate risk assessment and detection, giving a clear view of the different malicious activities trying to get in using authorized traffic. It also delivers risk mitigation and analytics, providing detailed reports of the security of each connected medical device, including patch alerts, devices at risk, and all Internet-connected devices.


This innovative solution is proven by CyberMDX’s many customers. One such example is Metro Health, an affiliate of the University of Michigan Health. John Weller, Chief Information Security Officer, has this to say about the CyberMDX solution. “Without CyberMDX, we wouldn’t know the location (of the devices). Through them, we can see the patching levels. We also get to see which devices have PHI and which ones don’t. And CyberMDX does a lot of support for CISCO ISE so networking is excited to be able to do macro or micro segmentation.”


Aside from products, CyberMDX also offers Advanced IoT security knowledge and training for customers who want to learn more about the importance of clinical connected work. There are also deployment and configuration services to support single or multiple site structures requiring installation and configuration, and customer support for any concerns regarding IoT or healthcare security. 


CyberMDX’s Defining Factors


When asked what makes CyberMDX different or better than what’s available today, Elad answered three significant points.


First, the insight of the research team. CyberMDX is recognized as one of the leaders of medical device vulnerability research, thanks to its dedicated research team focused on improving connected healthcare and IoMT. “We’ve discovered fifteen different vulnerabilities in the past years, affecting over a hundred different medical device models. That has greatly benefited our customers as well as the broader community, not only our customers but everyone who uses those devices,” Elad pointed out. Thanks to those discoveries, anyone who uses those hundred-plus devices can now start updating and securing them to prevent them from becoming the gateway of cybersecurity threat in their organization.


Second, the flexibility of the solution. Elad explained that the company enables customers to optimize for security. “They can segment entire groups of devices inside the hospital, which are common policies. They can block specific scenarios between connected devices. They can control the utilization and compliance alignment,” he added. CyberMDX is innovative and constantly looking for ways to help customers reach cybersecurity solutions. 


Third, attention to devices and reaching the action aspect. Using a unique approach called ‘device-centric risk management, Cybermdx’s solution provides a layered approach to cybersecurity that protects each device  The solution offers a prioritized list of asset groups and recommended actions to remediate or mitigate the risks associated with these assets on three distinct protection layers: on-device, on-network, on-perimeter. This is inherently more robust than other solutions which focus their security and risk management solely on the network layer.


CyberMDX provides more than a solution. According to Elad Luz, Head of Research, they also guide and share knowledge with clients. “We also don’t just deliver a solution. We help them, guide them, frequently share our knowledge with them,” Elad shared. 


An award-winning security solution


In use in hospitals around the world to secure medical devices and networks from cyber attacks, CyberMDX is living up to its commitment of ‘protecting the things that protect human lives’. 


In the past year, the company partnered with Philips, a global leader in technology, to integrate the Healthcare Security Suite into the newly introduced integrated Cybersecurity Services offered by Philips. This means more users to navigate, maintain, and gain data from. 


Through its innovative approaches in discovering vulnerabilities, the company has received numerous accolades in the past year,  recognized by the Medtech Breakthrough Awards as the Best Healthcare Network Security Solution for 2021’,   as well as the ‘Fortress Cyber Security Awards’ for its leadership in healthcare security.


Last year, the company was named a leader in Forrester’s Wave report for Medical Device Security, as well as receiving Frost & Sullivan’s ‘2020 Technology Innovation Leadership Award’ as the leader in medical devices and assets security technology innovation in North America.


With CyberMDX, healthcare organizations can sleep better at night. Given the wave of attacks on health providers, being able to effectively mitigate risks, keep data secure, and deliver an improved patient experience is no longer something you can afford not to do. 


Learn more about CyberMDX from my interview with Elad Luz here:


Written By

Saul Marquez

Related Notes

HFX™ for PDN*: A Nondrug Solution for Painful Diabetic Neuropathy

  According to the 2020 Centers for Disease Control and Prevention report, roughly 34.2 million Americans have diabetes,...

Read More

Managing Chronic Pain with High-Frequency Spinal Cord Stimulation 

  As a farmer, Rod was used to long days. He worked 18 hours a day, 7 days...

Read More

Master Pitch to Investors in a Day

  With investors receiving hundreds of pitch decks every year, how do you create a compelling presentation that...

Read More