This blog post is part of the Microsoft Intelligent Security Association( MISA) guest blog series. Learn more about MISA.

While hospitals continue to battle the COVID-1 9 pandemic, many are battling other “viruses” behind the scenes. Malware, ransomware, and phishing onslaughts against healthcare delivery organisations are on the rise with many increasing in severity, exposure, and ramifications. An calculated 560 US healthcare targets were impacted by ransomware in 2020, with many of these targets being large-scale corporations consisting of hundreds of hospitals.

Most cyberattacks against hospitals originate with or involve unmanaged IoT and medical devices, resulting in prolonged undetected transgress at the device, network, and perimeter levels. In fact, 63 percent of healthcare organizations experienced a security incident related to unmanaged IoT machines in the past two years. These gaps uncover the main components of a hospital’s healthcare delivery mission.

Healthcare organisations are one of the most difficult targets for online onslaughts. The most frequent attacks involve stealing patient data to derive financial gain. However, as the bets rise and the attacks become more brazen, patient lifetimes are now at risk.

The current state of cybersecurity in hospitals

Inherent vulnerabilities are an easy target for bad actors, and many hospital networks absence asset visibility and cybersecurity protection to effectively defend their networks. Currently, hospitals are experiencing 😛 TAGEND

A shortage of cybersecurity talent: A lack of cybersecurity expertise has been a long-standing issue throughout the healthcare industry-leading organizations to rely heavily on third-party providers, software, and hardware to make up for the gap. Confusing regulatory requirements: A disconnection between the intentions of regulators and the nature of cybersecurity continues to drive vulnerabilities. Regulation is designed to prevent past instances from recurring and as such is fundamentally retrospective. Minimal software updating and security patching: Updating software and implementing security patches is critical to preventing many cyberattacks and yet machine management within the industry is significantly lacking. In fact, 60 percent of medical machines are at the end-of-life stage with no spots or upgrades available. A proliferation of connected devices: More connected devices come into hospitals each year and the trend is only developing. More than 400 million connected medical devices are already operational worldwide, with another 125 million or so expected to come online in the following financial year.

Nursing the industry back to health

To effectively protect and defend hospitals from these attacks, a multi-layered approach and best-of-breed solution is required. Microsoft Defender for Endpoint is a complete security solution that protects endpoints from cyber menaces, sees advanced attacks and data transgress, automates security incidents, and improves security posture. Complementary to this, the CyberMDX Healthcare Security Suite gets more granular and healthcare-specific by identifying, categorizing, and protecting connected medical devices–ensuring resiliency, as well as patient safety and data privacy.

Architectural diagram displaying CyberMDX integrating with Microsoft Defender for Endpoint.

Coupling the CyberMDX solution’s visibility and detection capabilities for unmanaged healthcare devices, together with Microsoft Defender for Endpoint single pane of glass view, healthcare organisations are equipped with unmatched cross-platform and machine visibility, classification, and incident response capabilities.

With this combined solution, a large hospital network in the US was able to secure 100 plus connected machine forms across 26 locations. They were able to 😛 TAGEND

Gain full breakthrough of all the connected( managed and unmanaged) devices in their network, whether medical machines, IoT, workstations, mobile and more. Automatically apply increased risk profile to each connected asset and alert security rights squad of any malicious activity. Gain insight into device utilization metrics. Automatically trail medical machine recalls.

The solution also provided customized reports to IT, biomed, compliance, and executives, and instantaneously highlighted security issues related to ePHI, patient safety, and internet exposure. The hospital faculty likewise utilized the comprehensive dashboards and reports for clinical network and medical device security, helping the IT and security teams to share information and collaborate more than they had in the past. The answer helped ensure patient safety and improved care so they could get back to what was important–saving lives.

The security of connected medical and IoT machines is a serious concern and strikes can come from anywhere. Together, CyberMDX and Microsoft offer a holistic position of all managed and unmanaged medical machines in a single dashboard; inducing hospitals safer and more effective, so they can go back to focusing on their patients and saving lives.

Learn more

Explore CyberMDX. Visit the CyberMDX listing in the Azure Marketplace or visit our web page.

To learn more about the Microsoft Intelligent Security Association( MISA ), visit our website, where you can learn about the MISA program, product integratings and find MISA members. Visit the video playlist to learn about the strength of member integratings with Microsoft products.

To learn more about Microsoft Security answers visit our website . Bookmark the Security blog to keep up with our expert coverage on security matters. Likewise, follow us at @MSFTSecurity for the most recent developments and updates on cybersecurity.

The post CyberMDX and Microsoft: Protecting life-saving medical machines seemed first on Microsoft Security .

Read more: microsoft.com