BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
LAS VEGAS -- Cybersecurity in healthcare is top of mind for the industry's CIOs and many expressed this at the recent HIMSS 2016 conference in Las Vegas. David Higginson, executive vice president, chief administrative officer and CIO at Phoenix Children's Hospital, said network monitoring is vital to cybersecurity in healthcare, and the new and innovative network monitoring technologies will be key going forward.
David Higginson: Securing our servers and our desktop environments, our endpoints, is challenging enough. I have 10,000 endpoints and less than 10 people to service those across the entire organization. Now, you take the number of medical devices we have, we have no insight to the code because it's all proprietary, we don't know what operating system it's running on and trying to protect it ... it's just an exponentially difficult problem.
So we're looking at products that are more innovative in terms of how they're trying to figure out what anomalies are going on in their network. ... There's a company called ExtraHop here that we do a lot of business with. They are a monitoring tool. We use that product to look at general network monitoring or server monitoring, but the question is: Could we also use it to see things changing on our network?
A good example of something we did ... was ICD-9 was an old coding standard that moved to ICD-10. We wanted to know, is any system in our organization six months later still spitting out ICD-9 codes somewhere [and] we just don't know about it? We used this network monitoring tool to actually find ICD-9 codes going around our network and found one device that was still spitting out ICD-9 codes that we missed.
You wouldn't think that a network monitoring tool [would] do that, but we're able to see that much into what's going on. So we think there are newer technologies that are going to be smarter about managing threats [in] real time, and that's where we're going to go. There's a handful of products in that space that are kind of almost like a neural net of those products connected in different organizations across the country, and as they see activity on those nodes, they report them back to the central hub and say, "OK, are you seeing this activity on any other site? And if you are, maybe we found a new threat." I think that more neural, adaptive technologies are what's going to have to happen.
Former CIO discusses cybersecurity in healthcare
Cyber security in healthcare: "We have to work together," says Probst
Continuous network monitoring required for cybersecurity readiness