Medigate

​​​​​​​​​​​​​​​​​​​​​​​​Medigate

Medigate combines knowledge of proprietary protocols, clinical workflows and extensive cy- bersecurity expertise, the aim of which is to provide accurate identification of connected de- vices, promotion of network-centric policies and operational efficiency.


 



Our story

There has been an increase in the intensity of cyberattacks on healthcare facilities such as hospitals, nursing homes and hospices in recent years. This represents a major problem from the point of view of data leaks and human health. Compromised facilities have to reschedule examinations or operations due to malfunctioning systems, putting the health of their patients at real risk. 

Thanks to cyberattacks, healthcare in the Czech Republic ranks as one of the most vulnerable sectors. There were 17 incidents in 2020 and statistics already show 26 the following year, so an upward trend is evident. The most common form of attack is ransomware, which blocks data and demands a ransom. 

We used the Medigate Device Security Platform (MDSP) for a healthcare client as part of a security enhancement project to identify and profile every device connected to the network in the organisation. MDSP offers unrivalled accuracy in connected medical device profiles, contextual anomaly detection and identification of risks with a unique approach to decoding proprietary IoT protocols in the sub-area of healthcare-specific protocols. 

The up-to-date data which we obtained on the basis of the MDSP solution in the project was used to identify precise risks and, by developing effective hospital organisation policies, we were able to improve the cybersecurity of individual platforms or assets. This brought not only visibility to the IoT infrastructure, but also protection and optimisation of connected medical operations. 

With Medigate, we gained a combination of knowledge of proprietary protocols, clinical workflows and extensive cybersecurity expertise, the aim of which is to provide the client accurate identification of connected devices and promotion of network-centric policies and operational efficiency.

Our solution

Visibility, statistics and detection of anomalies 

The basis of MDSP is constituted by accurate and detailed visibility of all connected devices. Within only a few hours of connecting to the IoT infrastructure (via a TAP or SPAN port), Medigate passively identifies devices and begins providing accurate and detailed information about IoT and medical devices connected to the network. 

This means that the basic version of MDSP offers the following primary functionalities: „ 

  • Detection of anomalies and alerting - identifies risks, including plaintext login credentials, unencrypted personal health information (PHI), vulnerabilities and outdated versions. „ 
  • Network communication mapping - maps relationships between devices (world map, communication matrix, VLAN matrix, and more).
  • Threat Intelligence – provides tailored indicators of compromise which are specific to healthcare and devices identified in the network.
  • Vulnerability assessment – MDSP passively assesses and correlates IoT and IoMT device vulnerabilities without the need for login credentials. 

The solution is further extended by three modules which expand the basic part to include more detailed, specific attributes and information which significantly refine the resulting outputs provided by the solution. These are the Clinical Cyber Hygiene, Network Policy Management and Clinical Device Efficiency modules.​

Key benefits 

  • Continuous promotion of protective and preventive security policies for individual medical devices.
  • Reduction of security vulnerabilities and risks associated with successful cyberattacks. „
  • Prevention of infections spreading to the rest of the infrastructure.
  • Collection of useful information about management of the IoMT and devices connected to the IoT.​

​Integration

Medigate offers the most extensive platform integration capability in the field of medicine, allowing you to easily extend your existing security infrastructure into an already established healthcare environment. 

Among others, it is for example able to feed all of the information which is collected, such as complex profiles of individual devices and information about risks allowing for better decision-making, into NGFW, NAC, SIEM and CMMS solutions. 

Everything starts with detailed identification of every medical device in the network. Using deep packet inspection, Medigate provides unique identifiers for individual devices, including configuration, usage, performance and location. 

The ability to tag medical devices by function type, supplier and model name allows for more detailed policy management op- tions. Medigate also ensures that tags remain up-to-date by constantly monitoring changes in device network properties, such as the IP address and software version.​

Our advantages​

  • ​We are a successfully established Czech security company that has been on the market for over 30 years. 
  • We listen to our clients and adapt our tests to their needs and time constraints. 
  • Our team is made up of specialists with a wealth of experience in development and ethical hacking. We follow the latest trends in social engineering. 
  • We combine penetration testing, automated source code analysis, manual reviews and audits to uncover a wide range of vulnerabilities. 
  • The resulting reports from the tests we conduct contain detailed descriptions of the vulnerabilities found and specific recommendations to fix them that are tailored to the technologies used. 
  • We build our services on many years of experience and time-tested standards.​

​References

In this field we have lots of experience with project implementation for important companies in their branches. We will be happy to provide more references upon request.​​​

Contact us


Check: