Selecting a Passive Network Monitoring Solution for Medical Device Cybersecurity Management

Abstract

The number of cyberattacks and information system breaches in healthcare have grown exponentially, as well as escalated from accidental incidents to targeted and malicious attacks. With medical devices representing a substantial repository of all the assets in a healthcare system, network security and monitoring are critical to ensuring cyber hygiene of these medical devices. Because of the unique challenges of connected medical devices, a passive network monitoring (PNM) solution is preferred for its overall cybersecurity management. This article is intended to provide guidance on selecting PNM solutions while reinforcing the importance of program assessment, project management, and use of leading practices that facilitate the selection and further implementation of PNM solutions for medical devices. The article provides a detailed introduction to connected medical devices and its role in effective care delivery, an overview of network security types and PNM, an overview of the National Institute of Standards and Technology Cybersecurity Framework and its application for program assessment, essentials of project management for PNM solution selection and implementation, key performance indicators for measuring a solution's ability to meet critical cybersecurity needs for medical devices, and lessons learned from the author's professional experience, selective literature review, and leading practices. Rather than describing a complete list of guidelines for selecting PNM solutions, the current work is intended to provide guidance based on the author's experience and leading practices compiled from successful medical device cybersecurity programs.