One of the weakest links within clinical networks are their most critical assets: their connected medical devices. Unlike other critical IT assets, connected medical devices are poorly protected and hardly visible in traditional IT control and cybersecurity systems. Indeed, Information Technology teams often cannot even tell how many medical devices are connected to their network, let alone their type or risk status.
As most of these devices run unpatched software, are in some way misconfigured, operate using insecure communication protocols, and lack adequate compensatory security controls, medical devices are prone to sustained vulnerability exposure.
CyberMDX joins the Cisco Security Technical Alliance to help healthcare organizations improve their clinical networks' cybersecurity posture. Bringing together CyberMDX's MDefend, Cisco ISE, and the pxGrid eco-system, CyberMDX's agentless security solution provides superior visibility into clinical networks, continuous risk assessment along with real-time attack detection and prevention. With this integration, the Cisco Identity Services Engine (ISE) is also enhanced by CyberMDX's AI-based device classification data, allowing for frictionless enforcement of finely-tuned network access policies.
CyberMDX's device-aware network monitoring and insights engine is capable of identifying and classifying devices according to type, vendor, model, version and hardware IDs (MAC, SN), as well as assigning a concordant, context-aware, risk level to each device. For medical center administrators, this inventory mapping and risk assessment provides a simultaneously granular and panoramic view into the cyber vulnerability of their operation — in the aggregate as for each device individually. This data is then pushed to Cisco ISE, boosting its native classification capabilities and providing a single porthole from which all network devices can be monitored and managed.
The communication between CyberMDX MDefend and Cisco ISE systems is bilateral, with information from Cisco ISE being fed back into MDefend, facilitating the best possible security and segmentation outcomes by enriching endpoint network properties and attributes. This feedback loop introduces a level of continuous insight and process refinement to the digital environments powering modern healthcare operations.
CyberMDX MDefend doesn't only provide real-time visibility into devices, their workflows, and concomitant risk levels, but leverages that insight to the tune of effective attack prevention. This outcome is assisted by the MDefend-Cisco ISE Integration, insofar as Cisco ISE executes and enforces the rules that result in attack prevention, according to the security policies generated by MDefend. Looking behind the curtain, you will find a symbiosis empowered by introducing smart automation to the otherwise laborious and error-prone task of micro-segmentation. In this way, you get the best of speed and efficiency along with granular accuracy and control — all in one integrated solution.
In two words, this advantage can be described as “smart Isolation”. Smart isolation intelligently segments a fleet of medical devices into groups, and provides an access policy for each of those groups. Smart isolation is predicated on access policies tailored to each group so as to permit legitimate and operationally justified network access to the devices in that group, while blocking all other attempts to connect to, communicate with, or otherwise remotely interface with those devices. For this purpose, MDefend supports TrustSec, traditional VLAN assignment, and ACL technologies.
Understanding the dynamic and ever-evolving nature of the cyber threat landscape, MDefend continues to monitor a network's micro-segmentation apparatus post-deployment for anomalies or unplanned changes — helping to keep healthcare safe and secure far into the future.
For more information on the Cisco-CyberMDX partnership, head over to Cisco's blog.
For more information on the Cisco ISE-MDefend integration, please refer to the Cisco integration page on the CyberMDX website.