CE-Tech’s Medical Device Security Program Far Above the Competition

When asking a 3rd party partner to help you with your medical device security, you want to be able to trust your partners. The industry is rife with floundering, directionless security programs due to the complexities that medical equipment poses to information security. Even large names in clinical engineering and the medical device space can be inefficient, wrongly directed, or ineffective.

CE-Tech has been building an effective, efficient, and properly-directed cybersecurity program for three years. Recently, CE-Tech underwent a complete Medical Device Security Program review conducted by Protiviti, a global leader in internal audit, technology, risk, and compliance. The results were spectacular.

CE-Tech was rated at or above industry standard in every category, averaging an impressive 67.7% above industry standard.* CE-Tech’s robust security policies, risk analysis processes, educational material, patch planning systems, and timely vulnerability management programs all went into the great scoring.

CE-Tech is able to manage the risk assessments of tens of thousands of medical devices through data analytics that provide real-time risk scoring, prioritization of work, and a framework for cooperation between analysts, clinical engineers, and end-users.

Unlike many programs, CE-Tech evaluates each device individually because each medical device is different. For instance, a defibrillator utilizing 4G communication in an ambulance presents a different risk profile than the same model utilizing Wi-Fi in the ED. As each device is evaluated through our risk assessment process, vulnerabilities are discovered and remediated when possible, potential compensating controls can be identified and implemented to mitigate unresolved vulnerabilities, and an understanding of the risks of the asset on its own and in conjunction with other devices in a department and facility can be determined.

How Can We Help You?

If you are concerned about the risk that your medical devices pose to your organization or want to know more about our medical device security program, call CE-Tech today. There is no better time to start building your medical device security program than today.

In honor of Nation Cybersecurity Awareness Month, we want to be a resource for you! Please reach out to us if we can help.



*Utilizing Protiviti’s proprietary scoring metrics based on the NIST Cybersecurity Framework, comparing against organizations of like make-up, size, and complexity.