New Advisory Board Members Bring Deep Knowledge of Information Security, Incident Response, Counterintelligence, and Pen Testing Expertise to Foster Continued Deception Technology Innovation. Attivo Networks announced today that four widely acknowledged cybersecurity industry experts, Marshall Heilman, Chris Roberts, Lawrence Pingree, and Bill Ender have joined the company’s Advisory Board.
Deception technology is a powerful tool that can help secure company assets, safeguard patient data and transform the network into an environment where the attacker cannot determine what is real and what is fake. These traps and lures detect lateral movement, credential theft, ransomware and Active Directory reconnaissance, ultimately revealing an attacker’s activities as they try to scan systems or attempt to download malware onto medical devices.
By: Christina Adams
Healthcare organizations work hard to ensure their patients’ care and their sensitive data remain protected. Those working within the healthcare sector know the importance of optimizing care for their patients through the use of high-tech, state of the art medical devices and online access to medical records.
It’s Time for a Checkup
While healthcare organizations continue to work towards providing their patients with the highest quality care, the start to the new year is an optimal time for IT teams to give their cybersecurity practices a checkup. In its annual study, Ponemon Institute reported that almost 90% of healthcare organizations have been breached and that the average cost of a data breach for a healthcare provider is $2.2 million. In 2018, breaches will only become increasingly sophisticated, pervasive, and costly for healthcare organizations.
Why Healthcare Organizations?
Healthcare organizations are lucrative targets for attackers because of their wealth of sensitive patient data and the relative ease of infiltrating a healthcare organization’s network. Several factors can increase a healthcare organization’s vulnerability. Medical devices with IOT capabilities, for example, provide life-saving benefits for patients, but can make it challenging to implement traditional network security monitoring due to transient connectivity. Additionally, providing patients with electronic access to medical records increases patient satisfaction, but poses an additional network security risk. Furthermore, IT teams within healthcare organizations are often limited by budget and resources and therefore are susceptible to lacking the tools necessary to combat today’s modern attacker.
So What’s the Treatment Protocol?
The answer is not to get rid of IoT medical devices or eliminate computerized physician order entry (CPOE) systems that simplify care and save lives. Healthcare IT teams simply need tools in their arsenal that not only defend the network perimeter but also help IT teams detect and respond to in-network threats efficiently and effectively.
Enter: deception technology. Deception technology is a powerful tool that can help healthcare organizations protect patient data, company assets, and patient lives by turning the network into an environment where the attacker cannot tell what is real and what is fake; ultimately, revealing an attacker’s activities as they try to scan systems or attempt to download malware onto medical devices. These traps detect lateral movement, credential theft, ransomware and Active Directory reconnaissance.
In addition, deception saves time for IT teams by automating routine security tasks, allowing smaller teams to accomplish more without sacrificing security. However, not all deception is created equal…
The Generic Version Won’t Cut It
Deception-detection solutions vary widely based on comprehensiveness, authenticity, attack analysis, and ability to improve incident response. The Attivo ThreatDefend™ platform combines network and end-point detection to create the highest efficacy of early detection coverage of advanced threats. Deception is placed at both the end-point and inside the network, unlike deception solutions that offer one or the other. The platform efficiently detects threats across all vectors including stolen credentials, Man-in-the-Middle, ransomware, phishing, and insider threats that often evade traditional perimeter-based systems. For authenticity, Attivo misdirects attackers by creating a camouflage of deceptions that provide advanced luring techniques based on the use of real operating systems, golden images for decoys, and customized endpoint credentials designed to draw in attackers.
Attivo Networks recently established a partnership with Becton, Dickinson, and Company (BD), one of the world’s leading healthcare, safety, and technology organizations. Attivo worked closely with BD to create a customized solution for their infusion devices. BD conducted extensive POC (Proof of Concept) tests and the Attivo BOTsink proved to provide reliable threat detection. To learn more about the BD solution, click here.
Learn More Before Filling Your Prescription
If you are interested in learning more about how the Attivo Networks ThreatDefend™ platform works and how it has benefitted healthcare organizations, register for the NH-ISAC webinar, Deception-based Threat Detection, Myths and Realities .
As medical devices incorporate connectivity, they provide greater opportunities for convenience, service, and information for consumers and companies, but also are increasingly vulnerable to cyber threats. In this environment, Attivo Networks and Becton, Dickinson and Co. (BD) have validated a deception solution for medical technology cybersecurity threats through a partnership bringing Attivo’s Botsink solution to a select number of BD devices. The two firms collaborated through BD’s Product Security Partnership Program and created “mirror-match decoy authenticity” software for some of BD’s devices, a method designed to redirect an attack from reaching important information or networks.
“We welcome Attivo Networks to the BD Product Security Partnership Program as an important collaborator in our collective quest to improve cybersecurity across the health care industry,” said Rob Suarez, director of Product Security for BD. “The Attivo BOTsink solution was rigorously tested and validated by BD to tailor their protection technologies to work with our medical technologies, rather than being introduced as an afterthought.”