Endpoint Security , Governance & Risk Management , Internet of Things Security

Gaining Better Visibility Into Medical Devices, IoT, OT

Aaron Weismann, CISO of Main Line Health, Describes Asset Management Rollout
Gaining Better Visibility Into Medical Devices, IoT, OT
Aaron Weismann, CISO, Main Line Health

Main Line Health's deployment of an asset management platform is helping provide much deeper visibility and better security over the 100,000-plus biomedical devices, IoT devices and OT gear used throughout the healthcare system's multiple hospitals and medical facilities, said CISO Aaron Weismann.

"It's critical to be able to see what is on your network at any given time to be able to say, 'Hey, this is appropriately on the network, or it's inappropriate to be on our network. It should be on, say, a guest network or not connected at all,'" he said.

The rollout of the asset management platform, Armis Centrix, also revealed that Main Line Health had twice the number of devices in its IT environment as previously identified by the previous asset management solution that was replaced, he said.

"We doubled our numbers overnight by switching to Armis, which was a bit of a surprise for us," he said. "So we had to reconcile. Clearly, we didn't have full visibility of our network. We didn't have full device visibility. It was discounting some devices," he said.

Deeper visibility into all devices is critical from a cybersecurity perspective, he said.

"We're also able to see vulnerability data and recall information for all of our devices," said Weismann, who is set to speak at the Information Security Media Group Healthcare Cybersecurity Summit in New York City on July 18.

"If there are critical vulnerabilities impacting a device that are being leveraged in the cybersecurity environment at large in order to actually affect attacks, we want to be able to know that so that we can mitigate against those attacks and take actions to really reduce the impact and spread of those events."

In this audio interview with ISMG (see audio link below photo), Weismann also discussed:

  • Details about Main Line Health's asset management platform deployment;
  • Other top cybersecurity issues involving medical devices;
  • How to overcome network segmentation challenges.

Weismann has been the CISO for Main Line Health, a health system based in Philadelphia, Pennsylvania, for the past four years. Prior to that, he served as CISO for the Massachusetts Executive Office of Health and Human Services, which provides support and care services for over 3 million Massachusetts residents.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing paymentsecurity.io, you agree to our use of cookies.