Imagine going to the doctor for a routine checkup. After greeting you, the physician pulls up your medical records on his tablet, but instead of your medical history, this screen pops up:

Now imagine if you were waiting on the results of a biopsy, or if the ultrasound machine displayed this screen instead of your unborn child. This may sound dramatic, but it is the reality for many healthcare providers.

Research released earlier this year found that more than 50 percent of hospitals experienced a ransomware attack in the past 12 months. In May, 2017, a particular strain of ransomware known as WannaCry (pictured above) infected organizations across the globe, including numerous hospitals. This type of attack is likely to become more prevalent. According to a U.S. interagency task force, more than 4,000 ransomware attacks have occurred daily since January 1, 2016, which is a 300-percent increase over 2015.

Compounding this problem, many healthcare organizations are struggling with an explosion in devices. Network-capable medical devices are critical for patient care, but many lack critical security functionality. Sixty-three percent of organizations operate these medical devices on their main hospital network, and many have no way of determining what devices are currently connected to their network and if they are compromised. Threat actors frequently compromise these medical devices and use them to move laterally throughout the network.

To protect their sensitive data and critical resources in today’s threat landscape, healthcare organizations need network visibility and control. Cisco Medical Network Access Control (NAC) is here to help you with both. This post outlines the visibility capabilities of Medical NAC. Look out for a second post covering control functionality soon.

Medical NAC was designed to help secure organizations with large numbers of specialized medical devices from threats such as ransomware. It is also part of Cisco IoT Threat Defense, which aims to enable the Internet of Things by securing these emerging network-capable devices.

Medical NAC uses comprehensive visibility to help you:

Identify medical devices

Keeping track of network-capable devices is a challenge for most security operators, especially in healthcare. On top of the inherent security risks these devices can pose, they may be connected to the network by medical staff or vendors without notifying IT or following the appropriate onboarding procedures.

Medical NAC instantly identifies over 250 leading medical devices and thousands of nonclinical devices as soon as they connect to the network. This enables network and security teams to constantly keep track of all the devices on the network, ensure they are properly classified, and asses their compliance with organization policy.

Monitor and remove threats

Because of how valuable medical records can be, healthcare organizations face a wide variety of threats, including insider threats, advanced malware, and more. To properly protect their data and resources, organizations need pervasive network visibility to detect suspicious behaviors and threats.

Medical NAC provides visibility across the network, data center, branch offices, and cloud using a variety of network traffic metadata, device details, user information, and other data sources. Using this data, activity that is suspicious, malicious, or significantly abnormal is identified, enabling security operators to identify even the stealthiest threats quickly enough to respond before valuable data is lost.

Control ties the solution together

Visibility is crucial, but it isn’t enough on its own to protect your healthcare network. Medical NAC can provide the control you need to harden your network and respond to threats. Capabilities such as software-defined network segmentation allow organizations to define access policies from a centralized location and enforce it seamlessly across the entire network, without the burden of maintaining numerous access control lists. This can help limit the lateral spread of ransomware such as WannaCry or other forms of malware.

This is just one example of the control capabilities Cisco Medical NAC can provide. Stay tuned for another post with more information. Until then, visit us at Cisco Live at the IoT District Medical NAC booth to learn more about protecting your healthcare network with Cisco.


Kevin Skahill

Senior Director for Security Policy & Access

Secure Access and Mobility Product Group