Introducing Our Enhanced Vulnerability & Risk Management Module!
Learn More
Claroty Logo Toggle Search

Blog / 3 min read

Closing the Cybersecurity Gap in Healthcare BMS

Jonathan Langer
/ August 2nd, 2022
Cybersecurity Gap in Healthcare BMS

To say that hospitals rely on their building systems (BMS) would be an understatement. These critical cyber-physical systems — which encompass everything from security cameras and physical access controls, to HVAC, lighting, and fire alarm systems, to elevators — are trusted by millions daily to keep hospitals running while creating a safe environment for patient care.

Unfortunately, this also means that the impact is widely felt when BMS devices fail. Delivering care becomes more difficult, and patient outcomes can also suffer. Some real-life examples illustrate these implications:

  • A freezer system did not maintain the right temperature and destroyed custom immunotherapies. The hospital was found civilly liable, but worse is that patients did not get their highly effective cancer treatment. (source)

  • Air handlers had a mold infestation, and mold spores ended up in an operating room, infecting patient surgical sites. The hospital was found negligent after some patients died from exposure to mold spores. (source)

  • During a Joint Commission visit, the hospital HVAC system failed and caused the EHR to go offline. This cascading issue prevented effective patient care and caused enormous headaches for the hospital administration. (source)

At Medigate, we work tirelessly to help our customers minimize their risk of facing similar situations by providing exceptional visibility and cybersecurity controls across every connected device in healthcare environments — including all types of medical, Internet of Things (IoT), and, of course, BMS devices.

In fact, enhancing our capabilities with respect to BMS has been a particular focus in recent months following Medigate’s acquisition by Claroty earlier this year. While the Medigate platform has always provided robust BMS support, the acquisition has since enabled us to further strengthen those capabilities by combining them with Claroty’s additional coverage of BMS-specific protocols, in-house BMS experts, and robust cybersecurity portfolio.

To that end, I’m pleased to share that we have reached a new milestone on our shared mission with Claroty. Today marks the general availability of Claroty xDome, which is a SaaS-based cybersecurity platform. Although xDome has been designed with industrial and commercial customers in mind, its release is a testament to how all customers will continue to benefit from Medigate and Claroty’s combined expertise, purpose-built technology, and commitment.

It is also important to remember that xDome is only the latest in a series of innovations that Medigate and Claroty have jointly delivered following the acquisition. For our healthcare customers, many of these innovations have focused on BMS. Highlights include:

  • Enhanced visibility: With an expanded library of protocol parsers from Claroty, the Medigate platform has added new depth to our existing knowledge of BMS devices. The platform now specifically highlights these critical devices, allowing additional users to gain even more value.

  • More effective and efficient vulnerability management: With accurate profiles for even more types of devices, as well as automatic vulnerability correlation, identifying and managing vulnerabilities is even easier and more effective than ever. BMS devices are now included in the Medigate Platform’s vulnerability assessment, reporting, and mitigating capabilities.

  • Network Segmentation: Ensuring each device is correctly assigned to an appropriate network segment is foundational to effective cybersecurity. With the Medigate platform, hospitals can properly segment BMS and all other devices in their environments, enhancing protection and accelerating improvement of their overall security posture.

Medigate has been closing the cybersecurity coverage gap for medical devices in healthcare. With the expertise gained from Claroty, we are now supporting leading hospital systems as they reduce the cybersecurity gap in their building management systems.

Stay in the know

Get the Claroty Newsletter


Featured Articles

Interested in learning about Claroty's Cybersecurity Solutions?

Claroty Logo
LinkedIn Twitter YouTube Facebook