Healthcare delivery organizations (HDOs) are highly dependent on a wide range of technology to offer quality medical care. This technology includes clinical devices, like those that monitor patients during surgery or infusion pumps used to administer medications. In addition, healthcare environments include lesser-known Operational Technology (OT) such as elevator systems, lighting control, ventilation, and HVAC systems. Together these systems ensure proper operations, from maintaining a clean and safe environment to allowing for easy transportation of patients, samples, and medications around the facility and regulating temperature for critical components of patient care.
While many HDOs have long recognized the importance of securing Internet of Medical Things (IoMT) devices, like those mentioned above, not all healthcare systems are adequately protecting their OT devices from cyber attacks. Understanding that OT devices have just as much potential to impact patient care as IoMT is the first step to ensuring the safety and security of healthcare facilities.
However, discovering OT devices and managing exposures requires a nuanced approach. In the past, passive monitoring proved to be a sufficient device discovery approach, but with so many connected OT systems in the environment, organizations require a shift to more active approaches for asset visibility. That’s why Claroty Edge for healthcare is paving the way for HDOs to more deeply profile their OT devices in minutes, ensuring all devices on the clinical network maintain a strong foundation of visibility on which to build their cybersecurity program.
Operational Technology (OT) in healthcare refers to the hardware or software used to monitor or control physical devices, processes, and events. OT is essential in enabling healthcare providers to manage, regulate, and integrate critical systems and processes in everyday operations.
Unlike Information Technology (IT), which includes computer systems, software, programming languages, data and information processing, and storage, OT is responsible for managing and controlling physical devices that are critical to operations. The convergence of IT and OT has resulted in a proliferation of connected devices known as cyber-physical systems (CPS). Due to this convergence, when thinking about protecting OT in healthcare environments, it’s essential to start thinking of cyber-physical systems security more holistically.
So what are the OT devices in the healthcare environment? Some of the most critical are those that are part of your Building Management Systems (BMS). Examples of OT devices that are part of healthcare BMS include:
Access control
Building Automation Control
Fire alarm control
Intercom/paging system
Emergency power generator
Elevator control
HVAC
Freezer & refrigeration control
Gas delivery
It’s not difficult to see the impact that downtime for one of these systems could have on patients or HDOs at large. Interference with freezer and refrigeration control could damage vital biological samples or medications. An emergency power generator that’s been shut down could affect the power of an entire building, keeping patients from using critical medical devices. Protecting OT devices is just as important as securing medical devices, and with a fundamental shift in the way that security teams approach risk reduction, they can protect the full spectrum of their environment.
Claroty Edge is built specifically for the nuances of clinical networks and healthcare operational environments. HDOs can use it to strengthen identification of their existing assets and to apply additional approaches that identify assets not yet part of their current cybersecurity program.
Claroty Edge provides a deeper level of insight into a hospital’s OT assets, uncovering details that may not be accessible through standard, passive-led means alone. Take the MODBUS protocol, for example. Used in devices like energy meters, HVAC systems, access control systems, and more, MODBUS does not “naturally” send model or firmware information about the device using it. Both attributes are critical for vulnerability and risk management.
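The MODBUS point above, as an added example (not Claroty's code and not a description of how Claroty Edge works): the Modbus specification defines a Read Device Identification function (0x2B with MEI type 0x0E), which this page does not mention, and the Python below builds that request and parses a reply into vendor, product code and revision for an asset inventory. The function names and both sample frames are constructed for illustration; the routine polling reply shows that ordinary register traffic carries no identity fields.

```python
import struct

# Object ids of the "basic" identification category in the Modbus specification.
BASIC_OBJECTS = {0x00: "VendorName", 0x01: "ProductCode", 0x02: "MajorMinorRevision"}

def mbap(pdu, transaction_id=1, unit_id=1):
    """Prefix a PDU with the Modbus/TCP header (length counts unit id + PDU)."""
    return struct.pack(">HHHB", transaction_id, 0, len(pdu) + 1, unit_id) + pdu

def build_request(transaction_id=1, unit_id=1):
    """Read Device Identification: function 0x2B, MEI type 0x0E, basic category, object 0."""
    return mbap(bytes([0x2B, 0x0E, 0x01, 0x00]), transaction_id, unit_id)

def parse_identity(frame):
    """Return {object name: text} from a Read Device Identification response frame."""
    if len(frame) < 8:
        raise ValueError("shorter than header plus function code")
    _tid, proto, length, _unit = struct.unpack(">HHHB", frame[:7])
    pdu = frame[7:]
    if proto != 0 or length != len(pdu) + 1:
        raise ValueError("malformed Modbus/TCP frame")
    if pdu[0] == 0xAB:  # 0x2B | 0x80: exception reply, function not implemented
        raise LookupError(f"device returned exception code {pdu[1:2].hex()}")
    if len(pdu) < 7 or pdu[0] != 0x2B or pdu[1] != 0x0E:
        raise ValueError("not a Read Device Identification response")
    count, pos, found = pdu[6], 7, {}
    for _ in range(count):
        if pos + 2 > len(pdu):
            raise ValueError("truncated object header")
        obj_id, obj_len = pdu[pos], pdu[pos + 1]
        value = pdu[pos + 2 : pos + 2 + obj_len]
        if len(value) != obj_len:
            raise ValueError("truncated object value")
        name = BASIC_OBJECTS.get(obj_id, f"object_0x{obj_id:02x}")
        found[name] = value.decode("ascii", "replace")
        pos += 2 + obj_len
    return found

# Constructed sample frames (vendor, model and revision are made up).
_objects = b"".join(bytes([i, len(v)]) + v
                    for i, v in enumerate([b"ExampleVendor", b"AHU-100", b"V2.1"]))
IDENTITY_REPLY = mbap(bytes([0x2B, 0x0E, 0x01, 0x01, 0x00, 0x00, 0x03]) + _objects)
# Routine polling reply (Read Holding Registers): two raw register values, no identity.
POLL_REPLY = mbap(bytes([0x03, 0x04, 0x00, 0xD7, 0x01, 0x2C]))

if __name__ == "__main__":
    print(build_request().hex())
    print(parse_identity(IDENTITY_REPLY))
```

A device that does not implement the function answers with an exception reply, which the parser reports as a LookupError so the inventory can record the identity as unknown.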
As a flexible, host-based data collector that provides rapid visibility into IT and OT devices within minutes, Claroty Edge does not require network changes or additional hardware. Working alongside the Claroty xDome platform, Edge is uniquely suited for healthcare environments, where gaining insight into unmanaged or hard-to-reach devices (such as IoT and building automation systems) is critical to operational integrity.
Employing multiple discovery methods for OT in healthcare environments provides deeper visibility and a better foundation for CPS cybersecurity, with the following benefits:
Utilizing both active and passive discovery methods ensures a complete asset inventory, guaranteeing no devices are left unprotected
Quick asset discovery and profiling lead to better time-to-value, which is key for healthcare organizations making the most of limited financial resources
Leading with non-passive discovery leverages existing infrastructure for deep asset profiling
Unlike passive-only methods, which require extra hardware, dynamic discovery requires low-to-no hardware deployment, which reduces costs
Combining Claroty Edge with passive monitoring techniques ensures that all devices, from patient monitors to nursing workstations to lab refrigeration systems, are part of a comprehensive cybersecurity program.
To learn more about Claroty’s solutions to protect OT in healthcare, reach out to a member of our team.