Daily Banking News
$42.39
-0.38%
$164.24
-0.07%
$60.78
+0.07%
$32.38
+1.31%
$260.02
+0.21%
$372.02
+0.18%
$78.71
-0.06%
$103.99
-0.51%
$76.53
+1.19%
$2.81
-0.71%
$20.46
+0.34%
$72.10
+0.28%
$67.30
+0.42%

CIO offers a primer on using AI and machine learning to secure IoT devices


Skip Rollins is CIO at Freeman Health, the largest health system in southwest Missouri, with 5,000 employees, including more than 350 physicians on staff. Like healthcare CIOs across the nation, Rollins has been fighting off the sharp rise in Internet of things attacks plaguing the industry.

IoT devices, including medical devices, are prime targets for hackers, because they can be easy back doors into primary healthcare networks, where the hackers can gain control over critical systems and data. Rollins carefully monitors and secures Freeman Health’s extensive use of more than 17,000 IP-connected devices to run its facilities and care for patients.

To help readers with this daunting cybersecurity task, Healthcare IT News interviewed Rollins to discuss the ways he goes about keeping his IoT devices secure, including his use of artificial intelligence IT.

Q: Overall, what are the challenges of securing a healthcare organization’s Internet of things devices?

A: We’re seeing an increase in attack surface from the explosive growth of mission-critical IoT devices – including medical devices – that are actually outgrowing the number of traditional IT endpoints. These devices play a critical role in patient care and range widely, from expensive imaging equipment that scans for tumors and HVAC systems that maintain proper air quality, to video surveillance cameras that monitor parking garages.

But these devices also introduce some new security challenges. There are a myriad of them from very different manufacturers, making them harder to secure. These IoT devices aren’t designed with security in mind, often run obsolete operating systems and cannot be patched easily. In addition, due to the small footprint of these devices, you cannot support traditional endpoint security agents on them.

As a result, any IT and cybersecurity strategy for a healthcare organization needs to include the security of connected devices such as IoT, including medical devices.

Q: How do you monitor and secure Freeman Health’s extensive use of more than 17,000 IP-connected devices?

A: My job as a CIO has evolved so much over the years. My peers and I are much more focused on the business aspects of our role versus the technical side of operations, and that means ensuring that these devices stay in service to support our patients while mitigating the risks that they may bring.

Many of the devices we have are directly involved in patient monitoring. The remainder include facilities-management equipment like HVAC, environmental controls, door locks and security cameras, as well as administrative devices like IP phones, office systems, intercoms, mobile devices and laptop computers.

The first step with securing these devices is really to know what is actually in your network. You can’t protect what you don’t know about. That’s foundational to security. Once you know what devices are in your network at a granular level – make, model, serial number and operating system they are running – then you can start to understand the risks associated with them, such as vulnerabilities or weak passwords.

The second step is to understand what these devices are doing. You cannot protect what you don’t understand. Simply knowing a device is an infusion pump isn’t enough. You must understand what it is doing in order to protect it. It’s actually easier to understand devices, compared to users, because devices have very deterministic functions.

A camera should perform a certain function, regardless of what it is and where it is deployed. By baselining what’s normal, you can identify communications to a malicious domain or an unknown country.

Once you know the device and what it’s doing, you can then create appropriate policies to secure these devices. When you have tens of thousands or hundreds of thousands of devices that need to be secured, automation and AI [are] the key to do this at scale and without introducing any errors.

We are very aggressive in…



Read More: CIO offers a primer on using AI and machine learning to secure IoT devices

Get real time updates directly on you device, subscribe now.

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments

Get more stuff like this
in your inbox

Subscribe to our mailing list and get interesting stuff and updates to your email inbox.

Thank you for subscribing.

Something went wrong.