Medigate, Forescout tackle ‘fast-growing’ medical IoT security threat
The number of connected devices in the medical is growing fast, and while these IoT devices will bring a greater efficiency and innovation to the medical field, allowing patients to receive better and fast care, there remains a serious problem around securing those devices. To address this, device visibility technology company Forescout is working with medical device security company Medigate to reduce the risk of medication IoT devices by assisting those in healthcare to “continuously discover, identify, assess and secure all Internet of Medical Things (IoMT), IoT, operational technology (OT) and IT network connected devices.”
Forescout Chief Product and Strategy Officer Pedro Abreu stated, “Connected medical devices represent a fast-growing threat attack vector and the lack of device manufacturer standardization and interoperability has created a significant problem for clinical care network operations.”
His statement is supported by the work performed by the Palo Alto Networks Unit 42 research team, which estimates that more than half of all the IoT devices in general enterprises and in medical environments, due to “several deep-rooted issues around connected devices,” present a risk in both general enterprises and in medical environments.
More startlingly, the research team also argues that on the most basic level, 98% of all IoT device traffic is unencrypted, exposing personal and confidential data on the network. This type of vulnerability is never good, but when it comes to a patient’s medical records, the implications became much more devastating.
Under the agreement, Forescout and Medigate will integrate Medigate’s in-depth IoMT visibility, anomaly detection and lifecycle management capabilities with Forescout’s enterprise device visibility, automated segmentation and incident response capabilities.
Forescout will enforce granular access control, segmentation and other compliance policies for clinical networks utilizing Medigate’s medical device classification and information, as well as extend these capabilities across all other connected devices in the health delivery organization.
Medigate cofounder and CEO Jonathan Langer commented that the partnership will provide healthcare organizations with “rich contextual visibility into their IT and clinical networks” and “sophisticated network analysis” to identity breaches.
“These actionable insights will, in turn, reduce risk and improve patient safety,” he added.
Two years ago, the FDA issued a recall of nearly half a million pacemakers out of concern that IoT security loopholes could allow hackers to breach the IoT healthcare devices. The recall impacted six pacemaker models, Accent, Accent MRI, Accent ST, Allure, Anthem and Assurity.
These days, pacemakers are just a drop in the bucket when it comes to connected medical and healthcare devices. And that bucket is only getting bigger. With the global IoT in healthcare market size expected to reach more than $176 billion by 2026, according to a report published by Fortune Business, it is critical that more emphasis be placed on improving medical IoT security.