
Program Assessment, Development, Staffing, & Education
IoMT (Medical Device) Cybersecurity Program Assessment
A NIST-based approach to the Internet of Medical Things (IoMT) risk, assessing HTM (Health Technology Management) and Clinical Engineering cybersecurity program structure, staff, and systems and resulting in a Transformation Roadmap
- Understand how to optimize the tools and policies you have or may need to reduce cyber and patient safety risk
- Identify gaps in your program and define necessary collaboration with key stakeholders in IT, network, clinical, and operations
- Assess internal talent while defining key subject matter expertise needed to maintain capability and maturity
- Review cyber framework compliance and map HTM/CE requirements to security requirements
Program Assessment, Development, Staffing, & Education
IoMT Cybersecurity Program Development
Provides policies, procedures, workflow, etc. for managing a comprehensive IoMT Cyber Program, including development and management of change authority, governance and team staff augmentation
- Comprehensive Managed Program with expertise to manage IoMT, Operational (OT), and Industrial Technology (IIoT) – collectively XIoT
- Optimize the technology, policies, and process you have or need to reduce cyber and patient safety risk
- Close gaps in your program and foster collaboration with key stakeholders in IT, network, clinical, and operations
- Develop and train internal talent while supporting with key subject matter expertise needed to maintain resilience
- Prepare for cyber compliance and utilize data to make informed lifecycle decisions
Program Assessment, Development, Staffing, & Education
IoMT Cybersecurity Program Staffing
Expert staffing targeting for the unique clinical and operational device efficiency and security needs of your organization
- Security/HTM/Clinical Engineering Program and Project Managers
- HTM/Clinical Engineering Security Specialists (Engineers and Analysts)
- Vulnerability Management Subject Matter Experts
- Network and Segmentation Specialists
- Policy and Framework Experts
Program Assessment, Development, Staffing, & Education
IoMT Incident Response Program Assessment
Assess Incident Response capability structure, staff, and systems resulting in transformation roadmap
- Review policies, procedures, process (implementation), testing ability, and integration
- Review playbooks, contractural obligations, and service level objectives/agreements
- Assess technology response, automation and alert tuning
- Evaluate threat sharing and manufacturer communications planning
- Develop tabletop design and coordination
Program Assessment, Development, Staffing, & Education
IoMT Incident Response Program Development
Provides policies, procedures and technology guidance for running an IoMT Incident Response Program
- Develop or refine policies, procedures, process (implementation), testing ability, and integration
- Update or craft playbooks, contractural obligations, and service level objectives/agreements
- Optimize technology response, automation and alert tuning
- Streamline threat sharing and manufacturer communications planning
- Implement tabletop exercises and schedule
Program Assessment, Development, Staffing, & Education
IoMT Risk Management Program Assessment
A NIST based approach identifying a current state of connected clinical asset behaviors, anomalies, and architecture
- Cyber focused review of policies, procedures, process (implementation), testing ability, and integration
- Review risk playbooks, contractural obligations, and service level objectives/agreements
- Assess technology integration and risk context
- Evaluate threat sharing and manufacturer communications planning
- Develop control roles, responsibilities, and stakeholder sharing requirements
Program Assessment, Development, Staffing, & Education
IoMT Risk Management Program Development
Provides policies, procedures, and technology optimization for running an IoMT Risk Management Program
- Cyber focused deployment of policies, procedures, process (implementation), testing ability, and integration
- Mature risk playbooks, contractural obligations, and service level objectives/agreements
- Operationalize technology integration and risk context
- Streamline threat sharing and manufacturer communications planning
- Initiate control roles, responsibilities, and stakeholder sharing requirements
Value Acceleration Programs
IoMT Security Platform - Value Acceleration Program
Kick-start adoption and deployment of IoMT security applications and accelerate the identification of clinical device optimization opportunities across people, processes and technology.
- High-priority cyber focused deployment of policies, procedures, process (implementation), testing ability, and integration
- Initiate risk playbooks, contractural obligations, and service level objectives/agreements
- Operationalize technology integration and risk context
- Identify threat sharing and manufacturer communication activities
- Initiate control roles, responsibilities, and stakeholder sharing requirements
Value Acceleration Programs
CMMS Platform - Value Acceleration Program
Kick-start and develop plan for the organization’s CMMS goals, current state, and roadmap. Focuses on people, process, and data accuracy.
- High-priority CMMS focused deployment of policies, procedures, process (implementation), testing ability, and integration
- Initiate risk control flows
- Operationalize technology integration and risk context
- Identify resource requirements for program capability and maturity
- Initiate control roles, responsibilities, and stakeholder sharing requirements
Platform Selection, Implementation, Integration, & Staffing
IoMT Security Platforms
IoMT Selection, implementation, integrations, and staffing
- Selection: Align business requirements, strategic imperatives, and budget considerations
- Implementation and Integration: Operationalize selected technology platform for visibility, risk, and utilization outcomes
- Subject Matter Expertise: Staff augmentation and training to fill program gaps or priorities
Platform Selection, Implementation, Integration, & Staffing
CMMS Platforms
CMMS Selection, implementation, integrations, and staffing
- Selection: Align business requirements, strategic imperatives, and budget considerations
- Implementation and Integration: Operationalize selected technology platform for visibility, risk, and utilization outcomes
- Subject Matter Expertise: Staff augmentation and training to fill program gaps or priorities
Strategic Services
Vulnerability Management - IoMT (Medical Devices) & Operational Technologies
Provides MDSP administration, Vulnerability output prioritization and corrective action planning supported by minimal VM specific workflow development minimal remediation oversight to client mitigation/remediation teams. May include staff augmentation for VM and CVE acknowledgement and assessment within MDSP
- Vulnerability Program engineers and analysts
- Continuous Risk Contextualization and Prioritization Activity
- Incident Response Coordination
Strategic Services
Patch Management - IoMT (Medical Devices) & Operational Technologies
Provides standard windows OS device patch management strategy (WSUS) and hardware, configuration and support requirements
- High-priority patch management augmentation
- PM/CM workflow management for patching support
- Reconciliation and data clean up expertise