The State of XIoT Security Report: 1H 2022
Download the Report
Claroty Logo


5 Best Practices for Good Clinical Cyber Hygiene

The Claroty Team
/ October 26th, 2022

In May 2022, the Cybersecurity and Infrastructure Agency (CISA) issued an alert on poor cyber hygiene practices threat actors routinely exploit to gain initial access or as part of other tactics to compromise a victim’s system. While not specific to the healthcare sector, the notification is a good reminder of the importance of good cyber hygiene for all organizations and the risks when best practices to protect systems are not adhered to. 

We’ve previously discussed clinical cyber hygiene, but it’s a topic worth revisiting. Threat actors don’t discriminate, and maintaining good cyber hygiene is not a “one and done” activity. Like frequent hand washing is for all healthcare professionals, it requires constant care and attention. If neglected, you may find yourself facing unexpected, costly consequences.

Defining Clinical Cyber Hygiene

According to the World Health Organization, “Hygiene refers to conditions and practices that help to maintain health and prevent the spread of diseases.” Similarly, clinical cyber hygiene refers to the methods and mechanisms that help maintain the privacy and integrity of clinical networks and prevent the spread of attacks. This is predicated on an organization’s ongoing ability to discover, assess, and manage cybersecurity risks that are proliferating with the increasing reliance on connected devices, a surge in threats, and regularly discovered vulnerabilities.

Why is clinical cyber hygiene important?

Cyber hygiene is important across all sectors. If not done well, it can lead to financial losses, as well as the loss of essential services, like power. But in healthcare, patient lives can be at stake, and good cyber hygiene must be driven by security solutions and practices tailored to the uniquely challenging requirements of health systems. Good cyber hygiene enables clinical efficiency and increases the value of clinical operations and sound practices reflect a systematic approach to understanding and managing clinical networks. They maximize the resiliency and availability of connected medicine. So, how do you establish and maintain good clinical cyber hygiene? Here are some best practices we’ve seen health systems leverage to their advantage:

Clinical Cyber Hygiene Best Practices

1. Fingerprint all medical devices in the network

Make sure you can discover and identify 100% of devices hosted on your clinical networks as well as the Extended Internet of Things (XIoT) devices they are connecting to.  Obviously, a fingerprint means full device attribution and knowledge of their operating requirements. Even beyond manufacturer, model, OS, hardware, app versions, and location, network status, security posture and utilization intelligence are also essential. Every detail is important, and you should be looking for ways to continuously enrich your understanding as things change. Not just the data that defines the device, but maintenance intervals, utilization patterns, and yes, the experience of staff who interact with the device throughout its lifecycle – from acquisition through disposal.

2. Assign each device a multi-factor risk score — and continuously update

Risk scoring is a dynamic process. And it can’t be adjudicated in a vacuum. Organizations with good clinical cyber hygiene are continuously reassessing device security (at both individual and group levels) as security provisioning and asset restaging and maintenance are related processes. The overall assessment context must extend beyond the likelihood of compromise and include both patient safety and business factors.

3. Prioritize remediation activities — develop a cross-functional “risk frame of reference”

At a minimum, workflows associated with managing risks across high value assets should be coordinated cross-functionally. Especially when considering the highly mobile nature of connected medical and XIoT devices and the need for health systems to accelerate their restaging, security-awareness must be reflected in cross-department workflows.

4. Manage risk across the enterprise — programmatically

Don’t let a weak link negate all your hard work. A programmatic approach to risk management is critical, otherwise, performance deficits are difficult to identify and improvements are impossible to measure. In golf, they say you’ll never play faster than the slowest person in your foursome. Again, given the highly mobile nature of assets, and the continuing fragmentation of care delivery, your risk management practice must encompass outpatient facilities, clinical partners, etc., with the same rigor.

5. Inform medical and IoT device procurement

Monitoring device performance allows for the introduction of security metrics to supply chain/procurement managers. As many health systems employ “spend category managers” whose responsibilities include negotiating contracts with key suppliers, these metrics should obviously be known to them so they can be incorporated into the procurement process. Involving supply chain/procurement managers as part of clinical cyber hygiene practices helps the organization maintain a security stance with partners that is in line with the organization’s tolerance for risk. 

How to Implement Good Clinical Cyber Hygiene

Medigate by Claroty can help you implement good clinical cyber hygiene, as it supports workflows across the ecosystem with the data, the risk framework, and the insights required to develop a focused, integrated asset management and security program. Specialized modules, including one dedicated to Clinical Cyber Hygiene, can help you jumpstart your efforts by providing a detailed organizational “risk baseline.” The reporting is organized to ensure relevance cross-functionally with information provided in both aggregated and filterable views (e.g., by location) for maximum flexibility. When combined with the ability to modify frameworks as conditions change and simulate the effects of potential remediation activities, the insights are game changing.

To learn more, request a demo.

healthcare cyber hygiene

Featured Articles

Interested in learning about Claroty's Cybersecurity Solutions?

Claroty Logo
LinkedIn Twitter Facebook