close
close

Gaining Better Visibility Across Medical Devices, IoT, OT

Posted on by darion

Maine Line Health’s implementation of the asset management platform provides significantly greater visibility and improved security for more than 100,000 biomedical devices, IoT devices and OT equipment used across the health system’s numerous hospitals and medical facilities, said Chief Information Security Officer Aaron Weismann.

“It’s critical to be able to see what’s on your network at any given time, to be able to say, ‘Hey, this is actually on the network, or it’s not appropriate for it to be on our network. It should be, let’s say, on the guest network or not connected at all,'” he said.

The implementation of the asset management platform, Armis Centrix, also revealed that there were twice as many devices in the Main Line Health IT environment as in the previous asset management solution it replaced, he added.

“We doubled our device count overnight when we moved to Armis, which was a bit of a surprise to us,” he said. “So we had to reconcile that. Obviously, we didn’t have full visibility of our network. We didn’t have full visibility of devices. Some devices were being discounted,” he said.

He added that from a cybersecurity perspective, deeper visibility of all devices is key.

“We can also look at vulnerability data and recall information for all of our devices,” said Weismann, who is scheduled to speak at the Information Security Media Group Healthcare Cybersecurity Summit in New York on July 18.

“If there are critical vulnerabilities that are impacting a device that are being exploited in the cybersecurity environment to actually impact attacks, we want to be able to know about that so that we can mitigate those attacks and take actions to actually reduce the impact and spread of those events.”

In this audio interview with ISMG (see audio link below the photo), Weismann also talked about this:

  • Main Line Health Asset Management Platform Implementation Details;

  • Other key issues related to medical device cybersecurity include:

  • How to overcome the challenges of network segmentation.

Weismann has served as CISO for Main Line Health, a healthcare system based in Philadelphia, Pennsylvania, for the past four years. Before that, he served as CISO for the Massachusetts Executive Office of Health and Human Services, which provides support and care services to more than 3 million Massachusetts residents.