Tenable Network Security says that St. Elizabeth Healthcare, Northern Kentucky’s regional healthcare leader, has deployed SecurityCenter Continuous View™ to detect critical cyber vulnerabilities in network-connected medical devices without taking them offline and endangering patient care.
Through this deployment, St. Elizabeth’s IT security team has tackled one of the biggest security challenges in the healthcare industry—securing “smart” medical devices that cannot be interrupted for active vulnerability assessments.
“Everything we do at St. Elizabeth, including our security program, is based on the principle of putting patients first,” said Harold Eder, director of IT infrastructure and security, St. Elizabeth Healthcare. “CT scanners, MRIs, smart IV pumps—any of these endpoint devices may be running on outdated systems that leave the entire network vulnerable to attack, but you can’t perform traditional vulnerability assessments because taking the systems offline is risky and could diminish patient care.”
St. Elizabeth’s security team uses Tenable’s SecurityCenter CV to gain complete visibility into medical device security and overall network status through a combination of active and passive scanning as well as advanced analytics. With SecurityCenter CV, Eder and his team assess 9600 IP addresses and 300+ medical device endpoints across five main campuses and more than 60 remote facilities. Continuous network monitoring from SecurityCenter CV grants Eder a better understanding of cyber risk for the entire St. Elizabeth enterprise and allows him to focus his security team on the tasks that will have the most impact.
With guidance from HealthGuard Security, a cyber risk management provider and a trusted partner of St. Elizabeth for more than 10 years, Eder chose SecurityCenter CV as the best solution because it delivered the right combination of advanced analytics, real-time reporting and increased visibility into St. Elizabeth’s hard-to-see medical devices.
“When I looked at the challenges St. Elizabeth faced, I knew they needed a comprehensive solution that would help with HIPAA compliance, improve visibility into critical systems and deliver high-level analytics and reporting capabilities,” said Apolonio Garcia, founder and president, HealthGuard Security. “After seeing the success of Tenable’s products with many customers over the years, SecurityCenter CV was clearly the right fit and the best product for St. Elizabeth.”
“SecurityCenter CV gives me a much more holistic view into what my priorities should be, so I spend less time figuring out the problems and more time fixing them,” said Eder. “The best part is that as our network evolves and our security program matures, we will continue to get additional value out of SecurityCenter CV along with the continued assurance that our infrastructure and patients are well protected.”
St. Elizabeth Healthcare operates six major facilities throughout Northern Kentucky and more than 110 primary care and specialty office locations in Kentucky, Indiana and Ohio. St. Elizabeth is sponsored by the Diocese of Covington and is a member of the Mayo Clinic Care Network. St. Elizabeth is a mission-based organization committed to improving the health of the communities it serves, providing more than $121 million in uncompensated care and benefit to the community in 2013.