Proving the Business Case for the Internet of Things

Culinda and ECFirst partner on healthcare cyber security

Steve Rogerson
May 8, 2019

Californian medical IoT security company Culinda is partnering Iowa-based ECFirst, a healthcare cyber-security services firm, to work on AI-based medical security for health systems and hospitals across the USA.
"I am pleased to announce that Culinda has chosen ECFirst as a partner for cyber security for all biomedical devices in hospitals across the USA," said Culinda co-founder and CEO Sreekant Gotti.
With 15 to 20 connected medical devices in a typical hospital room, and an average of 6.2 vulnerabilities on each medical device, the risk to patients and the business is significant.
The global market for medical device technologies is expected to exceed $674bn by 2022. The USA represents around 40% of the global medical device market. The number of IoT devices in a hospital can be more than twice the number of traditional networked devices, such as laptops and smartphones.
Around 60% of medical devices are at the end-of-life stage, with no patches or upgrades available. Biomedical devices in use by hospitals and other healthcare organisations average more than 20 years of use per device, making them prime targets for hackers.
Gartner predicts that by 2020 more than a quarter of cyber attacks in healthcare delivery organisations will involve the IoT.
"With deep expertise delivering HIPAA, Nist and, for the past few years, Hitrust cyber solutions to healthcare organisations across the USA, ECFirst deepens its value to the industry by integrating Culinda's plug-and-play, machine learning based medical IoT security," said Ali Pabrai, ECFirst chief executive. "Culinda's implementation automates the identification, categorisation and prioritisation of all risks and their associated vulnerabilities, thereby providing deeper capability for monitoring and managing cyber risk."
Potential users can request a demo of the Culinda AI-based offering to establish an asset inventory and identify associated vulnerabilities with each asset. Once the assessment is complete, ECFirst and Culinda will collaborate to establish a credible programme to monitor and manage medical IoT devices actively. The assessment can reduce the risk to the business and improve patient safety capabilities.
Culinda secures medical IoT devices in hospitals with an AI platform and security gateway that is fuelled by experts in hospital operations, biomedical device manufacturing and cyber security.
ECFirst delivers specialised compliance and cyber-security services across the USA and globally. An authorised Hitrust assessor, it helps organisations address a multitude of standards such as Nist, ISO 27001, HIPAA and GDPR. Its offerings include managed compliance, cyber assessments and on-demand consulting. The BizShield signature methodology supports a suite of cyber-security certification training programmes including CHP, CSCS and CCSA. The Tracer cyber portal provides a platform for cyber and compliance risk management.