Blog

4 IoT Use Cases That Are Changing the Face of Healthcare

alextate07@gmail.com (Alex Tate) — Tue, 04 Aug 2020 10:13:00 GMT

Medicine has not been immune to the wave of digitization that’s reshaped so many other aspects of life. With the growth of IoT and the advent of its corollary IoMT (Internet of Medical Things), the paradigm for modern healthcare has shifted. Indeed, estimates suggest that the healthcare IoT market is expected to grow at a CAGR of 29.9 percent to reach $322.2 billion by 2025.

The New Normal: How COVID-19 Is Complicating MedTech & HIT Management

amir_v@cybermdx.com (Amir Vashkover) — Tue, 28 Jul 2020 14:51:23 GMT

Bearing the weight of a global pandemic, the healthcare system is struggling with medical surge and runs on vital equipment. Sadly, hospitals have also been beset by a marked increase in cybercrime — threatening their very efficiency, safety, and security.

Coronavirus & Work From Home Security

amir_v@cybermdx.com (Amir Vashkover) — Thu, 16 Jul 2020 20:15:00 GMT

With the outbreak of the novel coronavirus came shelter-in-place orders and the common sense desire to keep people away from potential virus hotspots. For hospitals, that's resulted in a very serious effort to move non-essential employees to a work-from-home model.

Coronavirus, Telemedicine, and Security

Safi Oranski — Thu, 02 Jul 2020 06:38:00 GMT

With the outbreak of the novel coronavirus crisis, hackers smell blood in the water. Focused on addressing the crisis, already stretched super thin, and forced to improvise at each new turn, healthcare organizations in particular present an attractive target for hackers.

3 Security Considerations for Hospitals Moving to Cloud Infrastructure

rahul@arkenea.com (Rahul Varshneya) — Wed, 24 Jun 2020 15:29:34 GMT

The embrace of cloud solutions in healthcare has been accelerating at a frenetic pace. Since the introduction of the Affordable Care Act which compelled the adoption of Electronic Medical Records (EMR) and supporting systems, US hospitals have been more open to not only digitizing their processes, but to decentralizing their information technology infrastructure and moving cloud-ward.

Ripple20: Why this Latest Bundle of Related CVEs Is Making Waves

Jon Rabinowitz — Wed, 17 Jun 2020 21:05:56 GMT

Yesterday CISA released an advisory for nineteen previously unknown vulnerabilities affecting Treck's embedded TCP/IP stack (also known as a network stack). This disclosure was the result of some very meticulous and dedicated research on the part of JSOF, beginning in September 2019.

Five Nearly Universal Enterprise Information Security Best Practices

Jon Rabinowitz — Tue, 19 May 2020 16:22:23 GMT

In the world of enterprise information security, the specific areas of knowledge and expertise that set you apart in your current situation might not be as directly and immediately applicable to a different IT environment or different professional circumstances.

How Network Analytics Can Enhance Biomedical Engineering Workflows

Safi Oranski — Wed, 06 May 2020 15:53:54 GMT

In large organizations it's only natural for most of the workforce to ignore network analytics — mentally relegating it to the domain of IT and IT alone. In hospitals, more often than not, that type of mentality proves a mistake. The insights extracted via network analytics offer serious opportunities for operational improvements and added value across departments.

Put Your Knowledge to the Test: Connected Medical Device Risk Exposure

Jon Rabinowitz — Tue, 28 Apr 2020 19:03:42 GMT

In times like these, we could all use a distraction. With that in mind, we've created this short quiz on the state of connected healthcare and its digital risks.

The US Coronavirus Relief Package: How Hospitals Can (and Cannot) Claim and Spend Funds

Jon Rabinowitz — Thu, 23 Apr 2020 13:11:13 GMT

As COVID-19 continues to plague the world, governments are beginning to pass legislation aimed at both strengthening critical infrastructure and propping up the wider economy.

Cause for Optimism: Resourcefulness in the Face of COVID-19

Jon Rabinowitz — Mon, 06 Apr 2020 19:39:50 GMT

There seems to be a lot of doom and gloom in the air these days and it's not hard to understand why. While I admit to sometimes playing the role of Negative Nelly myself, the truth is that all that negativity unfairly and inaccurately distorts our perception of reality.

How Improved Tracking Processes Can Boost Medical Device Availability

Safi Oranski — Wed, 25 Mar 2020 18:11:47 GMT

As part of the worldwide battle against COVID-19, hospitals will need to maximize the availability and visibility of key medical assets. By automatically locating medical devices and tracking utilization, HDOs can improve operational efficiencies and accelerate care

10 Quick Cybersecurity Tips for Hospitals in the Midst of COVID-19

Ido Geffen — Thu, 19 Mar 2020 09:32:00 GMT

There's no denying it and no point in ignoring it, so let's just acknowledge it: there's a big ugly elephant in the room and it goes by the name COVID-19. It's on everyone's mind, has already exacted a heavy human cost, is the source of untold anxiety and consternation, is the gravest threat to the global economy since the Great Recession, and is likely to only get worse.

The Windows 10 'SMBGhost' Vulnerability: What to Know & What to Do

Ido Geffen — Mon, 16 Mar 2020 11:23:41 GMT

On Wednesday March 11^th, reports began to emerge about a vulnerability in the compression mechanism used by Microsoft for SMBv3.1.1. If exploited, this vulnerability would allow an attacker to remotely execute code on affected devices and systems.

The Next Generation of Healthcare Risk Management Has Arrived

amir_v@cybermdx.com (Amir Vashkover) — Thu, 12 Mar 2020 16:22:21 GMT

In business as in life it’s important to cover your backside. More important and higher minded though is covering your bases. If you engage in risky behavior, it’s a good idea to insulate yourself from potential fallout; it’s even better to take steps to reduce or even eliminate the potential for fallout.

How Automating Healthcare Processes Changes the Way Hospitals Operate

Jon Rabinowitz — Thu, 20 Feb 2020 12:38:04 GMT

From improving patient experience to enhancing medical procedures, technology functions as the engine driving the healthcare system forward.

12 Top Healthcare Conferences to Attend in 2020

Jon Rabinowitz — Sun, 09 Feb 2020 13:52:51 GMT

Each year there are countless conferences and events focused on healthcare management and technology, but with so many options, it can be difficult to pick the right ones for your specific purposes.

The CCPA and Healthcare: What You Need to Know

Safi Oranski — Tue, 28 Jan 2020 20:56:00 GMT

Providing consumers greater control and transparency over their personal data, the California Consumer Privacy Act (CCPA) went into effect on January 1, 2020.

Everything You Need to Know About the MDhex Vulnerabilities

Jon Rabinowitz — Thu, 23 Jan 2020 18:00:00 GMT

Today, GE Healthcare — in coordination with CyberMDX and CISA (formerly ICS-CERT) — publicly disclosed the discovery of six software design flaws affecting seven products in their popular CARESCAPE line. These flaws represent a significant cybersecurity risk and offer an open door to bad actors who might seek to disrupt hospital operations or steal valuable medical data.

Windows 7 EoL Has Arrived: Now What?

Ido Geffen — Tue, 14 Jan 2020 16:03:00 GMT

Although Microsoft officially ended mainstream support for Windows 7 back in January 2015, the company continued to release security patches and offer updates for an additional five years. As of January 14th 2020, that’s no longer the case.

A Very CyberMDX New Year's Resolution

Jon Rabinowitz — Mon, 06 Jan 2020 09:49:29 GMT

The new year is a time take stock and be grateful for what we have. At CyberMDX, we're grateful for our amazing team, the best-in-class solution we've developed and continually improve, and of course for our customers.

5 Hospital Technology and Transformation Predictions for 2020

Jon Rabinowitz — Tue, 31 Dec 2019 14:58:28 GMT

Each year we take some time to look at the trends we see happening in hospital technology and transformation. It is instructive to study the patterns and disruptive pressures contributing to changes in the hospital industry.

Grading Our 2019 Healthcare Predictions

Jon Rabinowitz — Wed, 18 Dec 2019 13:31:00 GMT

Along with all its holiday cheer, this time of year always seems to bring a bounty of predictions as to what the industry will experience over the course of our next lap around the sun. Often, that flurry of articles and blog posts seems more motivated by click-bait than thoughtful industry analysis and predictions are seldom ever held to account against the test of time.

5 Medical Information Security Lessons for 2020

Jon Rabinowitz — Thu, 12 Dec 2019 14:16:57 GMT

In the world of information security, each new year brings new opportunities for growth and learning. From new cyber threats and mitigations to new tools and techniques, there's no shortage of new information to assimilate, new skills to master, and new lessons to take.

5 Top Healthcare Technology Trends Going Into 2020

Jon Rabinowitz — Sun, 08 Dec 2019 10:59:45 GMT

It goes without saying that advances in healthcare technology are fundamentally changing the way that medicine is practiced. Recently, it would seem that these advances have begun to evolve more rapidly and more profoundly.

A First Blush Guide to Cybersecurity in Hospitals

Jon Rabinowitz — Wed, 27 Nov 2019 13:30:29 GMT

The healthcare industry has come a long way in terms of technological advancement. Healthcare IT systems, structures, and standards have transformed modern healthcare and provided hospitals with new opportunities when it comes to patient care.

A Compendium of Connected Healthcare Technology Facts & Figures

Jon Rabinowitz — Wed, 20 Nov 2019 14:32:21 GMT

Healthcare is the most cyber-targeted industry, with nearly one out of every six US data breaches happening in hospitals and the problem is only getting worse. 15,085,302 individual medical records were breached globally in 2018 — representing a 3X increase over the year prior. In 2019, things are looking even bleaker, with that figure having more than doubled ⁠— reaching nearly 32 million breached records ⁠— in the first half of the year alone!

Put a SOC In It!

amir_v@cybermdx.com (Amir Vashkover) — Thu, 14 Nov 2019 15:12:51 GMT

"Who will watch the watchmen?" It's a deceptively poignant and tricky question dating back to ancient Rome when it was famously posed by Juvenal. Then, as now, it would seem many of the most biting social commentaries rise to popular consciousness through the satirists.

After the Dust Has Settled: GDPR in Healthcare

amir_v@cybermdx.com (Amir Vashkover) — Thu, 31 Oct 2019 09:07:07 GMT

It's been more than a year since the General Data Protection Regulation (GDPR) has taken effect. The European Commission's wide-reaching law was designed to protect the privacy of EU citizens and residents while pushing businesses to handle people's personal information more sparingly and with greater security and sensitivity.

How Cybersecurity Factors into the Medical Device Procurement Process

Jon Rabinowitz — Thu, 24 Oct 2019 19:40:58 GMT

In 2018, the global medical device and clinical asset market was worth approximately $8.98 billion. By 2025, it’s estimated that it will be worth $61.35 billion. Hospitals, on average, spend 11-13% of their annual budget on medical devices and clinical assets.

How MDS² Data Can Inform Smarter Medical Device Workflows

Ido Geffen — Thu, 17 Oct 2019 12:26:15 GMT

In 2004, Nema (the National Electrical Manufacturers Association), together with HIMSS (Health Information and Management Systems Society) and a number of other security experts and government agencies, produced a short document template for manufacturers to use in order to describe the vital security properties of their devices.

The Top 4 Problems Hospitals Face When Addressing Cybersecurity

Jon Rabinowitz — Tue, 08 Oct 2019 11:12:12 GMT

It's already a well-known fact: cybersecurity constitutes a major challenge for connected healthcare operations, regardless of their unique organizational structures and processes. When each cyberattack costs healthcare organizations an average of $1.4 million to recover, it is critical that any and all gaps in network defenses are quickly identified and filled.

How Hospitals Prioritize Digital Risk Management

Ido Hoyda — Wed, 02 Oct 2019 12:21:12 GMT

In the last several years, data breaches and cyber attacks on healthcare organizations have been in the news with alarming frequency.

HealthOps: The Next Frontier of Healthcare Management

Safi Oranski — Wed, 25 Sep 2019 09:42:01 GMT

This article is the final installment of a three-part series. We've already examined how those traits and trends converged around the principle of agility. Now, we'll discuss how the push for greater agility has given way to a broader "DevOps-ification".

Smarter, Lighter, More Proactive: The Strategy of Business Agility

Safi Oranski — Thu, 19 Sep 2019 08:29:21 GMT

This article is the second installment of a three-part series. In the previous installment, we examined how technology evolved and how it has culminated in the streamlined, automated, intelligence of Internet of Things ecosystems. We paid special attention to the healthcare sector and looked at how the Internet of Medical Things is availing itself to new technologies as it pushes to open new healthcare frontiers and improve patient outcomes.

The Internet of Medical Things (IoMT) Punctuates a Century of Progress

Safi Oranski — Thu, 12 Sep 2019 12:10:09 GMT

"When wireless is perfectly applied, the whole earth will be converted into a huge brain, which in fact it is, all things being particles of a real and rhythmic whole.”

Why It’s Wrong to Sync Medical Device Patching & Scheduled Maintenance

Jon Rabinowitz — Thu, 05 Sep 2019 12:23:54 GMT

Machines are indispensable, yet imperfect. They work fine one day and break down the next. What’s more, even if the machine remains in essentially the same working order, you’ll still need to reconfigure, adjust, reinforce, or add components if its environment is liable to change.

How Medical Device Cybersecurity Complements Physical Access Control

amir_v@cybermdx.com (Amir Vashkover) — Wed, 21 Aug 2019 19:09:36 GMT

It’s only reasonable that access to sensitive medical devices should be restricted to those who require it. Physical access guidelines are designed to ensure that only professionals with the proper knowledge and need can utilize medical equipment to the greatest extent possible.

Windows DejaBlue: Lookalike RDP Flaws Emerge Months After BlueKeep

Jon Rabinowitz — Fri, 16 Aug 2019 17:38:21 GMT

On August 13, 2019 Microsoft utilized “Patch Tuesday” to release 36 new CVEs. Of those vulnerabilities, four stand out for their striking similarity to the BlueKeep vulnerability that sent shock waves through the industry only three months earlier.

Everything HDOs Need to Know About URGENT/11

Ido Geffen — Wed, 07 Aug 2019 19:10:38 GMT

On July 29th, 2019, eleven vulnerabilities affecting the “VxWorks” Real Time Operating System (RTOS) were publicly disclosed. Since these vulnerabilities were all reported by the same source and all deal with VxWorks’ network stack (the software code implementing network communications), they were bundled together in the same advisory: ICSA-19-211-01.

In Perspective: the Baltimore Hack Attack

Jon Rabinowitz — Tue, 30 Jul 2019 12:05:21 GMT

The world is a dangerous place. Perhaps it’s always been that way. Nature is governed by evolutionary competition, politics take shape where interests and power meet, and economics are ruled by free markets and comparative advantages. It’s a brutal, cutthroat business. And yet, things seem even more dangerous today.

Why Cybersecurity is Important for Biomedical Engineers

Jon Rabinowitz — Tue, 23 Jul 2019 15:54:06 GMT

Biomedical engineers are the unseen force behind some of modern medicine's greatest achievements. Biomedical engineers are at the forefront of exciting research and they are staples of day-to-day hospital operations. Their responsibilities are wide-ranging and they touch many aspects of modern healthcare, from medical imaging to bionanotechnology.

How to Track and Act On Clinical Asset Utilization Insights

Ido Geffen — Mon, 15 Jul 2019 10:42:44 GMT

HDOs occupy a unique position: on the one hand, their focus is on patient care, and their success is measured by health outcomes. On the other hand, they are businesses, with investors, executives, and a need to watch their financial bottom line.

New Anesthesia Machine Vulnerability Disclosure Tells a Bigger Story

Jon Rabinowitz — Tue, 09 Jul 2019 21:22:35 GMT

For the first time, on July 9, 2019, ICS-CERT disclosed a vulnerability specifically impacting anesthesia machines. If exploited, the vulnerability would allow an attacker to silence alarms, alter date and time settings, adjust gas composition inputs, change barometric pressure, and switch between anesthetic agents — all without authentication.

Why CVE-2019-5599, SACK Panic, Is Causing Headaches

Jon Rabinowitz — Mon, 01 Jul 2019 15:52:49 GMT

On June 18, 2019, Netflix researchers, together with MITRE, issued an advisory containing four vulnerabilities relating to how Linux handles TCP Selective-Acknowledgement (SACK) at the kernel level. These vulnerabilities affect devices running operating systems containing a large range of Linux and FreeBSD kernels. The most dangerous such vulnerability has been dubbed the "SACK Panic” vulnerability (CVE-2019-11477), which if exploited it can the device to crash courtesy of kernel panic.

Cyber-Enabled Hospital Merger and Acquisition Management

Safi Oranski — Thu, 20 Jun 2019 09:23:55 GMT

The healthcare industry in the US has been facing widespread disruption for some years. The Affordable Care Act in 2010 demanded that the industry carry out wholesale changes to its processes and systems in order to bring down patient costs and streamline data management.

CVE-2019-10962 & IoT Security Threats From "Innocent" Objects

Jon Rabinowitz — Mon, 17 Jun 2019 07:00:24 GMT

At one point early on in the beloved C. S. Lewis children’s novel, The Lion, the Witch and the Wardrobe, Mr. Tumnus sets the scene, intimating the stakes involved and explaining his own timidity, saying, “The Witch is ever so watchful. Even the trees have eyes...!”

3 Best Practices to Guide Your Healthcare Automation

Safi Oranski — Wed, 05 Jun 2019 09:26:19 GMT

The climate for healthcare organizations is a challenging one, with healthcare costs expected to rise by 6.5% over the next year. Between tighter compliance regulations, increased competition, and tighter budgets, HDOs have to do everything possible to reduce costs and streamline healthcare delivery processes.

How Cybersecurity Enables Medical Device Regulatory Compliance

amir_v@cybermdx.com (Amir Vashkover) — Sun, 26 May 2019 09:25:22 GMT

For healthcare organizations, regulatory compliance is serious business. Non-compliance not only carries serious ethical implications and threatens the loss of public trust, but even from a purely financial perspective, regulations still loom large. HIPAA especially.

The BlueKeep Vulnerability Is Stalking Hospital Halls

Ido Hoyda — Thu, 16 May 2019 15:13:16 GMT

On May 14, 2019, Microsoft published an advisory for a newly discovered remote code execution vulnerability. Given the identifier CVE-2019-0708, the vulnerability has been more popularly named "BlueKeep".