Windows Are Closing on Medical Devices
Total Page:16
File Type:pdf, Size:1020Kb
Windows are Closing on Medical Devices Pedro Vidal Vice President, Global Consulting Sales Mike Bruchanski Sr. Director, Product Management Pedro Vidal Mike Bruchanski VP, Global Consulting Sales Senior Director of Product Management ▪ Served as VP of NA West Sales and VP of ▪ Leads Product Management team for Consulting Sales at BlackBerry Cylance BlackBerry Cylance ▪ Former head of US Healthcare Business at ▪ Over 20 years experience delivering cutting McAfee edge security and aerospace software AGENDA Threats to Medical Device Manufacturing and HDOs Windows Products Reaching End of Support Windows End of Support: What It Means for Medical Device Manufacturers and HDOs Your Organization’s Readiness Level: Closing the Security Gaps and Minimizing Vulnerabilities Current Challenges in the Industry Large Exposure Do you know how multiple apps and widgets used to deliver patient Device Governance care or track metrics are managed Who is responsible in in the organization? supporting devices from a security patching standpoint? What happens when devices become unsupported? Decentralized Operations Highly Sensitive Data How do you balance access to How do you protect sensitive information to ensure patient care? information such as PHI and How do you ensure proper controls R&D from ransomware are in place? extortion or theft? What Did Microsoft Announce? Windows 7 support will end on January 14, 2020 Microsoft made a commitment to provide 10 years of product support for Windows 7 when it was released on October 22, 2009. When this 10-year period ends, Microsoft will discontinue Windows 7 support so that we can focus our investment on supporting newer technologies and great new experiences. The specific end of support day for Windows 7 will be January 14, 2020. After that, technical assistance and software updates from Windows Update that help protect your PC will no longer be available for the product. Microsoft strongly recommends that you move to Windows 10 sometime before January 2020 to avoid a situation where you need service or support that is no longer available. What Devices Could Be Affected? ▪ Patient monitoring workstations ▪ Central nursing workstations ▪ Blood testing systems ▪ Stress testing systems ▪ Backend database (ex. PACS) ▪ Other devices that feed in the central database systems ▪ MRIs and X-ray systems (some run on Windows) What Did We Learn From The Past? WannaCry 2017 Ransomware Attack ▪ 230,000 computers across 150 countries infected ▪ Targeted traditional Windows systems ▪ Homogenous, feature-rich, and closely related to traditional computing systems ▪ Very prevalent in clinical environments ▪ Significant disruption in hospital operations ▪ Medical devices had to be isolated and updated Causes ▪ Failure to apply security patches ▪ Use of older Windows systems that had reached its end of life Why Should You Be Concerned? HDOs hold sensitive assets. 1 ▪ A 2018 CSO report states that healthcare suffers twice as many cyber attacks as other industries. ▪ Threat actors conduct ransomware extortion, theft of PHI and R&D. HDOs are easy targets. 2 ▪ Multiple in-house and third party providers/suppliers have access to network and data. ▪ Open access problem: the environment cannot be too strictly controlled since information must be readily accessed to ensure patient care. HDOs are very vulnerable. 3 ▪ The exposure is so large. Do you have an inventory of the devices that you have? Where are they? What is their attack surface? Which apps interface with the clinical side of org, nursing workstations, etc.? ▪ How do you support medical devices without voiding the warranties? What Should You Do Before January 14, 2020? Recommendations 1. Clinical Security Program 2. Vendor Device Partnerships 3. Inventory Medical Devices Examples: Nuvolo, Medigate, and Armis, etc. 4. Risk Categorization Best Practices 1. Device Hardening 2. Network Segregation 3. Monitoring/Logging How Can We Help You? ▪ What is most critical to your business? ▪ What is the current focus of your organization? ▪ CylancePROTECT® is very ▪ We can help in the discussions with effective on a Windows manufacturers so as not to void platform. warranties to implement our product. ▪ Supports Windows 7, Windows ▪ We can architect the environment CE among many others. and lessen the attack surface on your devices. LEVERAGING AI TO PROTECT HOSPITAL IT INFRASTRUCTURE Prevention is Now Possible CylancePROTECT® has been able to detect and block new threats before they were first seen “in the wild” – without any updates or special configuration. Examples include: NotPetya 21 QakBot 17 18 WannaCry 20 Shamoon 2 17 GlassRat 18 Zcryptor 6 Sauron/Strider/Remsec 18 Goldeneye 14 Time in Months 0 5 10 15 20 25 Demystifying Ai ‘Eye roundness’? ‘pupil roundness’? ‘Ears hanging?’ ‘Tongue visible’? ‘Tongue width’? ‘Tongue length’? ‘Nostrils open’? ‘Nostrils size’? ©2019 Cylance Inc. All Rights Reserved. ‘Ears hanging’ = 0.0 ‘Ears hanging’ = 0.1 ‘Eye roundness’ = 0.5 ‘pupil roundness’ = 0.1 ‘Eye roundness’ = 0.9 ‘pupil roundness’ = 0.9 ‘Nostrils open’ = 0.2 ‘Nostrils size’ = 0.1 ‘Nostrils open’ = 1.0 ‘Nostrils size’ = 0.9 ‘Tongue visible’ = 0.8 ‘Tongue visible’ = 0.0 ‘Tongue width’ = 0.7 ‘Tongue width’ = 0.0 ‘Tongue length’ = 0.4 ‘Tongue length’ = 0.0 (0.1, 0.9, 0.9, 1.0, 0.9, 0.8, 0.7, 0.4) (0.0, 0.5, 0.1, 0.2, 0.1, 0.0, 0.0, 0.0) this dog’s feature vector this cat’s feature vector ©2019 Cylance Inc. All Rights Reserved. Ears hanging Eye roundness Pupil roundness Nostrils open Nostrils size Dachshunds Tongue visible Tongue width Tongue length Persian Cats ©2019 Cylance Inc. All Rights Reserved. Introducing: The AI Platform Cylance Persona-Based UI/UX I I I P P P A A A ▪ Compromise Assessment c c c i i i l l ▪ Malware ▪ Managed Threat Hunting l b b ▪ Scripts b u u ▪ ML-Based u P P ▪ Memory Endpoint P Prevention ▪ Devices ▪ Applications Cylance Unified Cloud AI Endpoint Endpoint Detection CylanceV™ Investigation and Response ▪ Malware Playbook– Driven OEM Automated Response Cylance Endpoint Framework ▪ Remote Forensic Cylance Smart ™ A Single Cylance Agent Investigation AntiVirus ▪ Incident Containment CYLANCE AI PLATFORM DATA SCIENCE THREAT RESEARCH CylanceOPTICS HUMAN SECURITY EXPERTISE CylancePROTECT CylancePERSONA AI Platform Benefits Effectiveness Simplicity Performance ▪ 99.7% effectiveness (NSS) ▪ Replaces traditional AV ▪ Lightweight agent ▪ Very low false positive rate ▪ Increases ROI up to 250%* ▪ 1-2% impact to CPU ▪ Malware executables Remove unnecessary layers ▪ User systems run faster ▪ Fileless & memory malware ▪ Reduce help desk calls and ▪ Extends hardware lifespan ▪ Advanced persistent threats system re-imaging ▪ Network bandwidth reduction ▪ Zero days attacks ▪ Stop emergency patching *Source: Forrester Consulting Total Economic Impact Report CylancePROTECT Cloud CylanceHYBRID™ CylanceON-PREM™ Fast deployment of Cylance Agent Download Cylance once and Cylance continuous threat to your endpoints from the cloud. redistribute locally. prevention without a connection. Continuous threat prevention powered Solves the problem of maintaining an For organizations with isolated by artificial intelligence. effective security posture on private or (air-gapped) networks whose main restricted networks. priorities are security and control. Take advantage of the Software-as-a-service deployment, Acts as an intermediary between the cloud Offers unparalleled protection without a eliminating the need for dedicated and local network. network/cloud connection. hardware. All security agent updates, policy changes, Local management console and Seamless updating of management and centroid updates pass from the cloud predictive detection tools offer robust in- console with no intervention to the local network through house protection. required by users. CylanceHYBRID. Case Studies CHALLENGES CHALLENGES ▪ Identifying and remediating all pre-existing security breaches ▪ Protecting a complex distributed attack surface from adversaries attempting to ransom patient ▪ Ensuring uninterrupted access to electronic medical record data and disrupt hospital operations (EMR) and clinical desktop systems healthcare professionals rely upon to render quality care ▪ Identifying and closing gaps in the hospital’s security policies, processes, and procedures ▪ Assessing and baselining the company’s overall security posture and risk profile Additional Resources FACT SHEET ▪ Cylance Consulting Services WHITE PAPERS ▪ A Devastating Assault on Healthcare ▪ Ransomware Prevention is Possible ▪ Securing Medical Technology Devices ▪ The Medical Device Paradox ▪ Leveraging AI to Protect Hospital IT Infrastructure CASE STUDIES ▪ Phoenix Children's Hospital ▪ Satellite Healthcare Contact Us [email protected] +1-877-973-3336 Learn more about BlackBerry Cylance: www.cylance.com/healthcare ©2019 Cylance Inc. All Rights Reserved..