PRESS RELEASE
NEW YORK and ORLANDO, Florida — March 12, 2024 — Clarotythe cyber-physical systems (CPS) security company announced today at the annual HIMSS24 conference the release of the
Advanced Anomaly Threat Detection (ATD) module. within Claroty’s Medigate platform. The new capability provides healthcare organizations with the clinical context to identify, assess and prioritize threats to connected medical devices, IoT and building management systems (BMS).
Advanced ATD module capabilities are based on Claroty’s specialized knowledge of healthcare environments and in-depth, fundamental visibility into CPS devices, including:
-
Agentless, clinically-aware threat detection and context to address known indicators of compromise in CPS
-
Threat detection at deeper levels of the clinical network beyond areas where firewall solutions are deployed
-
Continuous monitoring of measures to strengthen device communication and compliance checks
According to the German health network Ortenau Klinikum, with the advanced ATD module, “we now know what is in our network at any given moment. Especially with our medical devices, what was once a blurry image has become a high-quality image.”
As connectivity expands in healthcare environments, cyber attacks against the healthcare industry continue to increase year after year, affecting medical devices and BMSs that keep hospital operations running. Indeed, according to Claroty 2023 Global Healthcare Cybersecurity Study78% of healthcare organizations have experienced at least one cybersecurity incident in the past year, and 60% of these incidents had a moderate or severe impact on the delivery of healthcare to patients.
Not only is the proliferation of attacks pushing healthcare organizations to adopt stronger cybersecurity postures, but the evolving regulatory environment is another factor driving change. For example, the US Department of Health and Human Services (HHS) recently published Cybersecurity Performance Objectives (CPGs) in Healthcare and Public Health (HPH) which include a specific measure to detect and respond to threats and relevant tactics, techniques and procedures (TTPs), to “ensure organizational awareness and the ability to detect relevant threats and TTPs at endpoints” and to “ensure that organizations are able to protect entry and exit points on your network with endpoint protection.”
Claroty’s advanced ATD module enables the healthcare industry to strengthen their cybersecurity postures and achieve regulatory compliance with features including:
Signature-based detection improves threat detection, analysis, and response based on known signatures and indicators of compromise (IoC). The signature content can be viewed for investigation purposes and enabled or disabled as needed to optimize the system.
Personalized communication alerts understand and alert on device communication patterns across the network to identify anomalous behavior and traffic between connected devices, such as a BMS communicating with a guest network or an IoMT device using an insecure protocol.
Device change alerts identify significant device changes within healthcare environments for further investigation, such as when a device reappears after being offline for a significant period, exhibits a significant change in risk profiling, or experiences a change in network status.
MITER ATT&CK for Enterprise Threat Mapping provides additional context and remediation information by mapping alerts to various tactics and techniques within the MITER ATT&CK framework. This helps operators better understand the goals of malicious actors so they can respond more quickly and appropriately, and streamline processes by aligning with a framework they may already be using.
“Healthcare organizations have been facing an uphill battle for years, with the threat of the next ransomware attack always looming. Cyberattacks against clinical devices and OT assets in HDOs have real consequences for the delivery of patient care,” said Grant Geyer, Chief Product Officer at Claroty. “The capabilities offered by the Advanced ATD Module help healthcare organizations take a critical step towards achieving full visibility, with an in-depth understanding and transparent view of the greatest threats against them. When clinical workflows and patient care are involved, there is no room for blind spots.”
The release of Claroty’s advanced ATD module for the Medigate platform comes as new research from Team82, Claroty’s award-winning research team, finds that healthcare organizations are facing extreme gaps in medical device security. This new research can be found in the inaugural edition of “CPS State of Security Report: Healthcare 2023.”
For more information on the Advanced ATD Module e The new report from Team82visit Claroty at the HIMSS Global Health Conference, booth no. 1627, which will be held March 11-15 in Orlando, Florida.
About Claroty
Claroty enables organizations to protect cyber-physical systems in industrial, healthcare, public sector and commercial environments – the extended Internet of Things (XIoT). The company’s unified platform integrates with customers’ existing infrastructure to provide a full range of controls for visibility, risk and vulnerability management, threat detection and secure remote access. Backed by the world’s largest investment firms and industrial automation suppliers, Claroty is used by hundreds of organizations at thousands of sites around the world. The company is headquartered in New York City and has a presence in Europe, Asia-Pacific and Latin America. To find out more, visit claroty.com.