The recent Webinar Wednesday presentation “See. Know. Secure: Simplifying Connected Medical Device Security” by Ordr Director of Healthcare Product Management Ben Stock was eligible for 1 credit from the ACI. The session was sponsored by Ordr.
In this 60-minute webinar, Stock explored simplifying the overwhelming task of keeping connected medical devices protected. Securing connected medical devices can be a daunting task. Stock spent 17 years managing connected medical devices at SSM Health before transitioning to developing products that could address his challenges. In his presentation, he was able to break down the process into three steps and outlined techniques and tools that can be used to identify high-risk devices, understand how they are being used, and implement measures to protect them without interfering with patient care. He explained that there is no one-size-fits-all solution, but there are tools and best practices that can make a seemingly impossible task manageable regardless of the organization’s size.
Stock also answered questions as part of the webinar. One question was, “You mentioned retrospectives, security on one of your slides. What can be done to determine the extent an event?”
“So, we’re gathering stuff, whether we know that it is malicious or not, and we’re keeping metadata around those flows. So, if an event is determined to have happen, either a known event or a zero-day event, where we don’t necessarily know, it’s going on until a certain point in time,” Stock said. “I mean, you can actually take this data and look at it, and analyze it over time, and see what devices are communicating with, what other devices and, watch the east west traffic and the external traffic to determine how an event took place, where it started, what machines were affected. And basically, build a timeline around the event, and how and what occurred, the things that are captured. You, know, when the first and last team, the communication. What’s talking to what. To all give you a picture. Retrospectively of what happened during that event.”
“It gives us a couple things that we can do, we can look at and probably can prevent it in the future, for one,” he added. “And additionally, we can look at what devices were affected, and what we need to focus on to remediate the issue at hand without having to go around and look at every single device that may have been a potential victim.”
The other questions and answers are included in the on-demand recording of the webinar at WebinarWednesday.live.
Attendees provided positive feedback via a post-webinar survey that included the question, “What did you like most about today’s webinar?”
“I really enjoyed the information that was presented and the clarity of the presentation,” said C. Brown, BMET II.
“The simplified explanation of identifying high-risk devices,” said K. Wheeler, BMET III.
“Learning how cybersecurity benefits the hospital in terms of protecting PHI,” Biomed Supervisor A. Bia said.
For more information, visit WebinarWednesday.live.
