par John R. Fischer
, Senior Reporter | February 25, 2020
GE Healthcare is once again helping providers tackle cybersecurity threats — this time, with a new solution that leverages their existing resources and capabilities.
The healthcare tech giant has unveiled Skeye, a monitoring system that utilizes AI and process management tools to keep watch over a provider’s connected devices through a remote security operations center, and help them to detect, analyze and respond to threats and events in real time.
“Skeye augments the hospital's existing security program by focusing on connected clinical devices, eliminating challenges inherent in these devices, such as OEM patch validation; validated 3P SW such as A/V, malware; and research to determine what is permissible, or not permissible, regarding compensating controls for all devices, regardless of OEM,” Sher Baig, senior director of global cyber product commercialization at GE Healthcare, told HCB News.
Connecting devices, though essential, increases cybersecurity risks that can impact an organization’s productivity, finances, quality of care and reputation. In 2018 alone, 82 percent of hospital technology experts reported a “significant security incident,” with the average data breach costing $3.86 million.
Skeye uses AI-enabled tools and the security operations center (SOC) to analyze, monitor and help manage cybersecurity vulnerabilities. This includes producing lists of impacted devices immediately, monitoring OEMs for patch validation, applying work orders to apply patches, and keeping a record of devices that are remediated for future reference. It also provides an on-site expert that works as an extension of the SOC on site to help with remediation execution for clinical engineering teams.
Among its offerings is its 360˚ coverage, which begins with risk assessment and includes real-time networked device discovery. The SOC also offers recommended action plans, remediation advice and execution strategies that draw up collaborations among the provider’s clinical engineering, IT and security teams.
In addition to detecting threats, its AI features automate connected device inventory and equipment risk profiling throughout a hospital to create a dynamic management system for device onboarding and decommissioning. An SOC team provides monitoring, threat detection and remediation for connected devices under a GE Healthcare service contract.
Skeye is also a cost-savings tool that provides a full understanding of the networking and security parameters of connected clinical devices and continually updates data when new clinical devices are introduced onto a network or retired. Identifying these parameters otherwise costs as much as $250,000 to gather and record.