Private Healthcare Awards 2022

GHP / Private Healthcare Awards 2022 5 Healthcare Cyber Security Company of the Year - UK is out of the question. Standard vulnerability tools commonly disrupt device operations, causing outages, resets, or worse, impacting patient care. And because IT frequently has little-to-no operational knowledge of these devices and their locations, utilisation, and workflow, IT cannot properly assess the security risk, nor can they efficiently assist in solving device issues when they arise. Instead of scanning physical devices, Cylera applies multiple patented techniques to deliver a deeper type of Deep Packet Inspection (DPI) in the network traffic it sees, and analysis of the devices takes place with absolutely zero-touch – no disruption to operations whatsoever – because they never actually scan the physical devices. There are multiple technologies developed within Cylera’s cyberclinical engine that working together, are applied to deliver a superior level of asset visibility and actional guidance for the IoT, IoMT, and IT/OT device register. These are, Adaptive Data Type Analysis™, IoT Device Emulation Engine™, and its own Cylera proprietary Threat and Intelligence Database. Here’s how it works. • Adaptive Data Type Analysis™ - When discovering devices and creating an accurate asset register (or inventory) across the whole hospital’s network estate, Cylera customers can trust that new and never-before-seen devices that may occur in the network can be identified and evaluated for risks. This capability is not prone to cause “predictive” analysis errors – a common critique some vendors claim as a shortcoming of artificial intelligence (AI) and machine learning (ML). Adaptive Data Type Analysis, instead, provides a data-driven analysis on new devices with accuracy that gives IT the information it needs to make decisions. Two patents have been awarded to Cylera’s capability. Others who do not have this capability require the development of specific protocol analysers, or sometimes referred to as a protocol “dissector” for any new device seen in the network, or which may not be in their library of device support. These take time to develop and refine. In Cylera’s case, when something new or unidentified appears, they are able to discover it, categorize it, and provide risk analysis – a far better solution than devices designated as “unknown.” • IoT Device Emulation Engine™ - Instead of scanning a physical device, Cylera creates a type of “digital twin” – a simulation, of the physical devices discovered. This allows them to never touch the live, physical device which may at any time be delivering patient care. Instead, the vulnerability scanning is performed against the digital twin for configuration weaknesses, vulnerabilities, related CVE and CVSS, vendor advisories, and applicable NHS Digital Cyber Alerts. All the information gathered is then monitored and maintained over time, provided against that non-physical device. Cylera has developed this as a powerful way to assess vulnerabilities, score risks, offer mitigation plans, and operationalise the information across many departments, with absolutely zero touch – no impact or disruption to equipment, availability, or safe patient care whatsoever. Cylera’s capability is patent pending as of this writing. • Cylera’s Threat and Intelligence Database – a proprietary database of threat and intelligence information is used in overlay analysis of connected devices, and the weaknesses and vulnerabilities which may be present. This has been built and maintained by Cylera Labs researchers over many years and provides a rich library of insight into what to do about security gaps discovered within the IoT, IoMT and even operational technologies (OT) such as security cameras, smart TVs, CCTV systems, and building environmental controls seen across the whole hospital estate. Some call this capability a “data lake.” In 2021, Cylera experienced significant new client growth globally. In the UK, it has become well known as a valued provider of technology excellence to address data security and protection for National Health Service (NHS) Trusts (Acute, Foundation, Ambulance and Mental Health). Related to its growth and adoption of Cylera technology, has been its usefulness and time savings in helping NHS Trust clients ready for their annual Data Security Protection Toolkit (DSPT) self-assessment submission. The DSPT is designed to assist organisations to measure their performance against the National Data Guardian’s (NDG) 10 Data Security Standards which protect sensitive data and also protect critical services which may be affected by a disruption to critical IT systems (such as in the event of a cyberattack). All organisations that have access to NHS patient data and systems must use the toolkit to provide assurance that they are practicing good data security, and that personal information is handled correctly. Cylera assists in many facets of each of the 10 Data Security Standards, as documented here. Of particular note for the 2021-2022 DSPT requirements is the new Data Security Standard 9 to create a connected medical device register in specific. “With medical devices becoming more connected and, in many respects, subject to the same level of vulnerabilities (if not more) than a desktop, tablet or laptop device. These vulnerabilities are particularly marked with the 1st generations of connected medical devices some of which may have a decades long life span. So just as it is important to know your user base and their devices, it is important to have a register of connected medical devices. This register should include vendor, maintenance arrangements, any network segmentation in place and whether network access is given to supplier/maintainer. It is expected it would contain (or is linked) the items found in an IT asset register network Cylera’s Unique, Patented Cyber-Clinical Engine