HIMSS and Beyond: What’s Next in Healthcare Security

September 9, 2021

The Healthcare Security Crisis

Over the last three years, the FBI has released many warnings of ongoing ransomware attacks targeting U.S. healthcare and first-responder networks. Ransomware families are updated under new names as hackers exchange sophisticated hacker-for-hire code and models to exploit vulnerable healthcare facilities. With consequences ranging from penalties and Health Insurance Portability and Accountability Act (HIPAA) violations to loss of service availability, healthcare providers are forced to invest in security for endpoints, Internet of Things (IoT) devices and surgical devices (or other medical care equipment) while facing challenges in manpower, expertise and integration with existing systems.

The challenge of maintaining protected health information (PHI) and network security isn’t limited to hospital and hospice providers. Many manufacturers of healthcare and life-saving equipment are also expanding their certifications, adding much-needed network security certifications to their lifesaving and life-preserving Internet of Medical Things (IoMT) and IoT devices. From robotic-assisted surgery devices to monitoring devices and technology, IoMT is here to stay, and it’s expanding, while hackers have already begun looking for ways to compromise these devices to launch their attacks against a system. Hospital networks are a complex and diverse grouping of medical and non-medical devices, managed separately but integrated continuously. Because endpoints and medical devices are administered by separate teams, administrators have often had to consult two different lists to tell the endpoints on their system from the medical devices.

New CrowdStrike Partner: Nihon Kohden

Because the number of attacks has grown so sharply in the last two years, Nihon Kohden is one of the first to onboard CrowdStrike Falcon® endpoint information into its larger patient monitoring systems to establish full facility threat visibility, protection and efficiency. Nihon Kohden has certified and validated the Falcon platform, rigorously examining and testing how it interacts to keep medical devices secure from ransomware and other denial-of-availability type attacks. The two companies are providing best-of-breed security that doesn’t impact availability or response of medical devices. Nihon Kohden will be offering the CrowdStrike solution as part of its Nihon Kohden Network Care service, and CrowdStrike is proud to be a partner as it moves toward solving issues so many medical manufacturers struggle with post-initial approval.

IoT/IoMT systems often report into patient records and data storage, combining to make a homogenous attack surface that provides avenues for adversaries to exploit. CrowdStrike’s partnerships offer increased visibility and understanding of these systems, driven by the vital requirement for comprehensive protection of these areas.

These partnerships address an area that many are hesitant to talk about — the divide between IT services and clinical engineering IoMT services. While all healthcare providers have provided endpoint security and firewalls in a traditional way to protect their hospital networks, CrowdStrike is leaping ahead to find ways to protect the many lifesaving medical devices in use every day and prevent those devices from becoming an avenue of attack. 

The new security model sees all endpoints and devices as equally important on the network, from understanding all users, privileges, and service accounts to industrial control systems, IoT/IoMT medical tech and more. CrowdStrike and our partners provide visibility for all devices to collect and correlate data across multiple security layers — email, endpoint, IoT device, patient portal and network — with advanced detection and response capabilities. 

This holistic approach offers quicker detection of threats, as well as improved investigation and response times through incident analysis. Medical and manufacturing industries have some of the most vital requirements for Zero Trust solutions, and CrowdStrike helps monitor every transaction and every session, correlating and alerting against known attack patterns with a backend team of experts that analyze new patterns as new bad actors make themselves known by their activity.

New CrowdStrike Partner: Medigate

That’s not the only fantastic medical partnership announcement this month: CrowdStrike recently announced a healthcare partnership with Medigate, a company built around security, asset management and operational analytics for medical providers. Hospitals that have both Medigate and CrowdStrike Falcon® protecting their network will have new insight into discovery, profiling and network monitoring, to provide visibility into all managed and unmanaged endpoints including medical devices with network access. 

The integrated solution offers security teams at healthcare delivery organizations the industry’s first consolidated view of threat activity. It also ensures automated, next-gen incident response capability spanning all network-connected assets. 

Partnering for Success with IoT and Healthcare

It takes solid partnerships to deliver in a new age of healthcare security — and it’s even more important for security vendors to integrate and play well together as we bring our unique experience and understanding to form new and improved security solutions. CrowdStrike Falcon®’s single lightweight-agent architecture uses cloud-scale artificial intelligence (AI) to offer real-time protection and visibility across the hospital or facility, preventing attacks on endpoints on or off the network. Falcon Zero Trust protects the identities of every user, human or service account/machine that accesses the domain controller. Falcon Discover™ IT hygiene helps provide a census across the network or facility, finding all devices that connect to the network. Humio enables collection of events and extraction of valuable information from any endpoint, identity or source at scale. All of these are powered by the proprietary CrowdStrike Threat Graph® database engine, making CrowdStrike one of the world’s most advanced data platforms for security.

It takes Zero Trust solutions, endpoint detection and response (EDR), automation and threat discovery to work with security professionals on signal and network interoperability. These are the critical solutions that will determine the fate and security of the healthcare infrastructure, from vendors and automation to the conjunction of network and operations into one visible stream. CrowdStrike is pleased to partner with other medical, IoT device and healthcare-specific attack experts and technologies to create best-of-breed solutions that will meet the stringent demands of the healthcare IoT space.
