Log in
Forgot password ?
Become a member for free
Sign up
Sign up
New member
Sign up for FREE
New customer
Discover our services
Dynamic quotes 

MarketScreener Homepage  >  Equities  >  Nasdaq  >  Cisco Systems, Inc.    CSCO


News SummaryMost relevantAll newsPress ReleasesOfficial PublicationsSector newsMarketScreener StrategiesAnalyst Recommendations

Cisco : Understanding Medical Device Security

share with twitter share with LinkedIn share with facebook
09/08/2017 | 08:08am EDT

Cisco Blog > Healthcare

Healthcare Richard Staynings - September 8, 2017 - 0 Comments

­­The FDA recall of a medical device last week has caused a bit of a media storm as the general public scrambles to find out more. The fact that a medical device meant to help sustain life is insecure and could be hacked to kill a patient is alarming to all of us. More worrying is that the medical device subject to the recall, a cardiac rhythm management product, or 'pacemaker' to the rest of us, is probably not an anomaly. Many other medical devices more than likely also lack adequate security.

To understand the risks, we first need to understand the problem. To be honest, this could require an extensive series of blog posts over weeks to fully examine and explain this properly, but here's the 50,000-foot version.

Different types of medical devices and the risks they pose

First, there are the implantable medical devices (IMDs) like the medical pacemaker at the center of this story. This group of medical devices includes the implanted insulin pump that security researcher Barnaby Jack demonstrated live on stage at the Miami Hacker Halted Conference in 2011, hacking the device to deliver a lethal drug dose. It also includes a pacemaker that was hacked, again by Jack, at the Melbourne BreakPoint Security Conference in 2012 to deliver a lethal 830 volt electric shock to a patient.

Second are the much wider range of network-attached medical devices used in healthcare delivery. These include:

  • Diagnostic imaging systems: ultrasound, MRI, PET, CT scanners, and X ray machines
  • Treatment equipment: infusion pumps, medical lasers, and surgical machinery
  • Life support: ventilators, anesthetic and dialysis machines
  • Medical monitors for oxygen saturation, blood pressure, ECG and EEG, and many, many more.

The greatest data-security risks for medical devices

The network-attached group far outnumbers the IMD group, but both have one thing in common-a very long life span! No one wants a pacemaker that needs to be replaced every year or two, and hospitals simply can't afford to rip and replace their multimillion-dollar investment in x-ray machines and PET and CT scanners if they still work perfectly. Many current medical devices are 15 or 20 years old already, placed into service when the rest of us were deploying Windows 95 and dial-up modems.

The greatest risk to medical devices, however, is that they lack even the basic security protections that a $200 home PC has-things like antivirus software and a host firewall. The danger is that when a malware worm gets into a hospital and spreads its way laterally across the network to reach highly vulnerable medical devices, it either quickly infects them (many of the newer models run a form of Windows XP), or the malware multicast traffic storm causes the medical device to crash or just stop working. It's not that someone hacked and changed a parameter-although that is a distinct possibility-but it's more likely that its battery becomes quickly drained and powers off, or the system blue screens and ceases to provide life-sustaining care.

It's going to take years to patch or replace the arsenal of insecure medical devices and billions of dollars that healthcare providers simply don't have. So, we need to look at alternatives to secure them for the rest of their life-spans.

How to reduce risk and protect devices

By far the most effective approach is microsegmentation, where medical devices are locked down and secured by the network they are attached to. (Attempting to manage 350,000 individual medical devices in a hospital is impossible.)

Modern network infrastructure supports security technologies like Cisco TrustSec©, where each network port acts as a virtual firewall. Using security group tags, network traffic is controlled so that only specifically authorized users-biomedical equipment technicians (or BMETs, as they are known)-have access to reprogram devices, and these systems are only able to communicate with designated internal IP addresses using predetermined ports and protocols. The network will drop everything else, like malware traffic and any connection attempts from unauthorized users. Many of the more advanced healthcare providers have already adopted such an approach, and by employing compensating security controls like TrustSec have been able to secure their networked medical devices from attack.

Learn more about Cisco's approach towards medical device security

Find out if TrustSec and Microsegmentation are right for you

For more information on cybersecurity solutions, get the details on Cisco's Digital Network Architecture for Healthcare and IoT Threat Defense for network-connected devices.


Cisco Systems Inc. published this content on 08 September 2017 and is solely responsible for the information contained herein.
Distributed by Public, unedited and unaltered, on 08 September 2017 12:07:03 UTC.

share with twitter share with LinkedIn share with facebook
Latest news on CISCO SYSTEMS, INC.
08/04Software firm Clearwater Analytics explores $2 billion sale -sources
08/04Software firm Clearwater Analytics explores $2 billion sale -sources
08/04CISCO : AT&T has expanded its AT&T SD-WAN solutions with a new service offering ..
07/30CISCO : OTEGLOBE Strengthens Its Network Backbone with Cisco 400G IP Infrastruct..
07/29CISCO : Schedules Conference Call for Q4 and Fiscal Year 2020 Financial Results
07/28CISCO : Digitalization of SMBs could add as much as US$3.1 Trillion to Asia Paci..
07/27SCHNEIDER ELECTRIC : and Cisco Partner to Bridge OT and IT in Building Managemen..
07/24CISCO : Live Delivers Results in a Safe Way for Service Providers
07/23CISCO : In Sickness and in Health
07/23ENEL BEYOND THE CLOUD : More Than a Thousand Sites Connected by One of the World..
More news
Financials (USD)
Sales 2020 49 237 M - -
Net income 2020 11 121 M - -
Net cash 2020 13 111 M - -
P/E ratio 2020 18,2x
Yield 2020 2,97%
Capitalization 202 B 202 B -
EV / Sales 2020 3,83x
EV / Sales 2021 3,73x
Nbr of Employees 75 900
Free-Float 100,0%
Duration : Period :
Cisco Systems, Inc. Technical Analysis Chart | MarketScreener
Full-screen chart
Technical analysis trends CISCO SYSTEMS, INC.
Short TermMid-TermLong Term
Income Statement Evolution
Mean consensus OUTPERFORM
Number of Analysts 29
Average target price 50,38 $
Last Close Price 47,77 $
Spread / Highest target 36,1%
Spread / Average Target 5,45%
Spread / Lowest Target -14,2%
EPS Revisions
Charles H. Robbins Chairman & Chief Executive Officer
Tiang Yew Tan Chief Operations
Kelly A. Kramer Chief Financial Officer & Executive Vice President
Chuck Churchill Director-IT
Roderick C. McGeary Independent Director
Sector and Competitors
1st jan.Capitalization (M$)
CISCO SYSTEMS, INC.-1.31%199 841
ERICSSON AB24.08%39 169
NOKIA OYJ28.94%28 438