VMblog speaks with John
Yun, Head of Marketing for ZingBox, to learn more about the challenges and the solutions available within the Healthcare IoT security market.
VMblog: To kick things off, can you tell readers about ZingBox and explain what you do?
John Yun: ZingBox provides hospitals, companies and manufacturing
facilities with Internet of Things (IoT) security software that helps ensure
service delivery. ZingBox's new approach is based on deep learning and
enforcement of trusted behavior. We were founded by Silicon Valley veterans
with expertise in cybersecurity, IoT, deep learning, and networking. Notably,
ZingBox was selected by the Stanford StartX program, and was most recently
named a "Cool Vendor in IOT Security, 2017" by Gartner.
VMblog: I understand
you recently fielded a survey, what did you discover?
Yun: We conducted a survey earlier this month and found that the
majority of healthcare IT networks have IoT devices and that most IT
departments believe that existing security solutions for laptops and servers
can also protect connected medical devices. In fact, More than 90% of healthcare
IT networks have IoT devices connected to them and over 70% believe that the
traditional security solutions used to secure laptops and servers are
sufficient to secure IoT connected medical devices.
In addition, the survey found that over 76% of IT
decision-makers within healthcare organizations are confident or very confident
that all devices connected to their network are protected. Surprisingly,
despite using the same laptop and server security techniques, IT at healthcare
organizations believe they can detect irregularities in network traffic and
account for the different personalities of an infusion pump or glucometer and
can detect when it's not behaving as intended.
VMblog: What was the
most surprising thing learned about your survey?
Yun: The results of the survey were sobering in terms of the
risks the healthcare community faces. Healthcare organizations must consider
modern techniques such as cloud, machine learning and real-time remediation
across an organization's entire IoT footprint. IoT requires a more thorough
approach to constantly monitor for deviations in behavior and provide alerts
for suspicious behavior.
There is a state of confusion and misconceptions in the
healthcare industry on how best to secure connected medical devices. The need
to gain a deeper understanding of the unique individual personalities of IoT
devices remains a foreign concept to many.
IoT technology presents special challenges to a healthcare
organization's ability to protect itself from both insider threats as well as
external cyberattacks across a wide range of attack vectors, as demonstrated by
the most recent WannaCry ransomware and NotPetya wiperware attacks. As these
attacks continue to step to the forefront, companies deploying IoT devices need
to be more cognizant than ever of their security measures.
VMblog: What are the
keys to a successful healthcare IoT security strategy?
Yun: A successful healthcare IoT security strategy must be
reimagined from the ground up taking into considerations the unique
characteristics of connected medical devices. Carrying over assumptions
from IT security approach is the highest cause of failure of any IoT security
strategy. For example, typical vulnerability scanning solution deployed for IT
devices when aimed at IoT devices can often render the device
inoperative. Any attempt to install AV engine or other clients can cause
malfunctions. Simply blocking what appears to be unrelated ports or
protocols at the firewall can also cause unexpected results. A successful
strategy must start with the assumption that the best approach is to start with
an out-of-band solution ensuring no operational impact of the device. The
security capabilities must also be architected to be non-disruptive in every
step of the way.
VMblog: And what are some
real-world problems you are helping your clients solve?
Yun: Healthcare organizations cannot install traditional security
clients on IoT devices nor can they employ other monitoring solutions designed
to secure IT devices. These organizations also cannot install patches as
recommended by many vendors. Lacking the ability to update the device and
the inability to employ traditional IT security solutions, organizations have
no choice but to take the device out of circulation or simply leave with the
risk with the vulnerable device in use.
VMblog: What are the
most common issues you see with healthcare IoT security?
Yun: The most common issue with healthcare IoT security is the
lack of visibility. Many organizations do not have clear visibility into the number
and type of IoT devices that are deployed in the organizations network. Without
this visibility, you simply cannot assess the overall risk or vulnerability of
the environment.
VMblog: Finally, talk about how healthcare IoT security has changed in the past year.
Yun: The past year brought a new level of awareness and focus on
IoT security. Starting from the Murai attack which turned many IoT
devices to bots, the recent ransomware and wiperware turned IoT devices to very
expensive paper weights. What had been considered as possible future
scenario became very real in matter of months.
##
Thanks again to John Yun, Head of Marketing for ZingBox, for
speaking to VMblog.com