The Key 43 Days
Healthcare has dealt with a scourge of ransomware. Average dwell times suggest that ransomware can be stopped long before encryption is deployed.
IT security tools tailored for large security teams swamp resources with too many alerts.
Threat intelligence developed in other industries fails to capture and model unique actions taken by healthcare attackers.
The Validation Boundary
FDA regulations on clinical devices (machine AND software) limit the timing and effectiveness of both patches AND traditional endpoint security.
Mix of Legacy and New Devices
Security solutions must passively monitor a complex mix of legacy devices, old operating systems and new devices with increased connectivity and functionality.
The Machines Are Everywhere
Hospitals mix IT devices and clinical devices in nearly every room, and attackers can quickly pivot between devices.
EHR vendors are not required to publish their security updates or vulnerabilities publicly, leaving most security technologies blind to attacks.
Detections Are in the Data
With limited EHR vulnerability data, EHR audit logs must be monitored and analyzed in real time.
The Unmonitored Crown Jewels
The EHR holds the crown jewels of the modern health system: PHI and the entire workings of the hospital. A lack of monitoring to date has led to a false sense of security.