Cyber Defence In Clinics
Monitoring the Infrastructure in IT, IoMT & OT
How Do Clinics Solve The Following Problems?
High Complexity & Lack Of Segmentation
Clinical networks have a high level of complexity with spatially and systematically distributed and intermingled assets. In addition, these networks are often not segmented, which means that there is no logical separation or subdivision. This lack of segmentation poses security risks and makes it more difficult to detect and respond to an attack.
CIA Triad & Variety Of Regulations
Defending against, detecting and responding to attacks in clinical operations is particularly challenging because every area of the CIA triad (confidentiality, integrity, availability) is critical. At the same time, a large number of regulations apply (in some cases BSIG, B3S hospital, in future NIS2) if the threshold for critical infrastructure is exceeded.
Different Providers
In medical technology in particular, assets from different providers are often used, each with a large number of internal and external communication connections. The diversity of providers makes it difficult to carry out updates and integrate new installations.
Limited Budget & Lack Of Staff
The situation is made more difficult by limited budgets, which are often managed by the public sector, as well as a lack of internal staff with the relevant expertise.
An exemplary project with us
How We Help You Stay Resilient
Together, we create a security target concept: with a structured analysis of security requirements and the creation of an end-to-end security stack.
Definition of the best possible combination of internal and external services and tools (e.g. IoMT platform, managed SOC, SIEM solution, endpoint security, network segmentation, etc.).
Request for quotations from defined providers – can be anonymized
Coordination, consolidation and preparation of the offers, followed by an evaluation against the specification and the target concept with a recommendation of the top providers and concepts
Creation of a report with a clear award recommendation & visibility of the differentiating features
Result: Basis for a high-quality decision and final negotiation and award of contract
Use Cases - Critical Infrastructures
Projects In Detail
University Hospital
- Co-Managed SIEM operated jointly with an external Managed SOC
- 24/7 monitoring of the systems by the Managed SOC Partner
- Response by the SOC, partly directly on e.g. end devices, partly by escalation to the customer's 24/7 on-call service
- Market analysis to identify potential bidders for target concept and obtain price indications
- Creation of service description and specifications
- Europe-wide call for tenders
University Hospital
- Asset Discovery to identify IoMT and OT devices and separate them from IT devices
- Network Segmentation: Support for segmentation through direct creation of rules for a NAC solution and visualization of network segmentation
- Vulnerability Analysis and risk analysis with a focus on IoMT and OT devices
- Anomaly Detection as an attack detection system with a focus on IoMT/OT
- Connection to a SIEM platform and an external managed SOC
- Market analysis to identify potential bidders for target concept and obtain price indications
- Creation of service description and specifications
- Europe-wide call for tenders
View An Exemplary Project Together In 15 Minutes
Simeon Mussler
COO CyberCompare