Essentially, Medigate is a cyber security company focused on connected medical devices. We identify medical devices in clinical environments as our sole focus. Medical devices are being increasingly attacked. Whether targeted or untargeted, we’ve seen a dramatic increase in incidents revolving around these devices. The Wannacry attack was a prime example of how healthcare can be disrupted by such attacks, whether its ransomware or health information theft, connected medical devices are very vulnerable assets.
How does Medigate work?
We created a device security platform that addresses the unique characteristics of connected medical devices, with 3 main features: First and foremost, the process starts by obtaining superior clinical visibility into the hospital network. We are able to see all the connected devices in that environment. The big differentiator between us and other companies is we provide a highly granular account of what we see (the “fingerprinting” process) including make, model, OS, application version etc. We have around 15-20 technical attributes that we retrieve from the network, which can be utilized for risk assessment and asset management. The second feature is a clinical anomaly detection engine, which focuses on the clinical behavior of the device itself. Different medical devices behave in different ways, each having its own very specific clinical patterns. Our system is designed to identify deviations from the pattern that may be indicative of a cyber attack And last but not least is the prevention feature. We don’t just provide information, but we also take action through integration with partners and technical alliances. One example is the Palo Alto Network Firewall. Essentially when we detect a medical device is behaving irregularly, we leverage the existing infrastructure by taking action through their network.
What are the risks of having unprotected connected medical devices?
The risk is highly significant. One example is based on the WannaCry attack, in which numerous connected medical devices were locked and shut down. In such scenarios, the entire hospital may be disrupted, which is highly dangerous since we are talking about a mission critical environment like operation rooms, birth rooms etc. Another scenario is theft of medical information and identity theft, which is a growing problem we are seeing. Lastly the worst nightmare scenario is a modification of medical data, which could cause medical devices to administer the wrong dosage of medicine or perform the wrong operation. We haven’t seen this happen yet but it’s a risk we are well aware of. Prevention of these scenarios can also be achieved by integrating with the Network Access Control (NAC), enforcing security policies and micro segmentation on the clinical network.
Are these connected medical devices worth the security risk?
I think that in this day and age, the absolute decision that hospitals are making is that it is worth it. Connectivity allows better care for patients, more accurate data, more efficient care, and at the end of the day that is the mission of hospitals. In parallel, there is more and more recognition of the security problem, and understanding that such devices cannot be operating without proper mitigation and protection.
How do you foresee the future of connected medical devices?
There are several other companies that secure connected devices, but most of them focus on generic IOT rather than medical devices. Having said that, there are other companies that do what we do, and that demonstrates the urgency of this issue. As for the future, I’m optimistic. We’re going to be seeing different stakeholders, be it the hospitals or the medical device manufacturers, investing more and more in clinical cyber security. I expect it to become a considerable investment in the next couple of years, which will contribute significantly to diminishing this problem once and for all.