ULTIME NEWS: Gyala riconosciuta Sample Vendor nel documento “Emerging Tech: AI in CPS Security” di Gartner Leggi

CASE STUDY

Cybersecurity for Healthcare Infrastructures

Ensuring continuity and security for healthcare services by protecting patient data and clinical infrastructures.

Discover Agger Health

Background

A large private healthcare organization with multiple hospitals and outpatient clinics nationwide, equipped with an integrated IT/OT infrastructure essential for delivering continuous diagnostic and clinical services.

In healthcare, digital transformation has revolutionized the delivery of medical services, introducing connected biomedical devices and digital clinical systems. However, this evolution has expanded the attack surface of infrastructures, exacerbated by legacy systems that cannot be updated and the rapid interconnection of IT and OT devices.

The need to protect sensitive patient data and ensure the resilience of critical operations led the healthcare provider to seek an advanced cybersecurity solution capable of operating continuously and automatically, without disrupting clinical services.

Over 1,000
biomedical devices secured

Zero
downtime caused by cyberattacks.

Compliance
with security standards.

Needs

  • Ensure the protection of biomedical devices and legacy systems with non-upgradable software to avoid vulnerabilities.
  • Block cyberattacks in real-time while minimizing interruptions to critical services.
  • Provide an automated solution capable of operating 24/7, addressing the shortage of specialized cybersecurity personnel.
  • Comply with existing regulations, including the National Cybersecurity Agency (ACN) framework.

Challenges faced by other providers:

  1. Supporting biomedical devices with legacy systems.
  2. Providing detection across all systems while limiting reaction to specific biomedical devices to preserve their operational integrity.
  3. Minimizing service downtime without dedicated cybersecurity staff.

Our Solution

Gyala, through its Agger platform, delivered an "all-in-one" cybersecurity system that automated detection and reaction processes:

  1. Installation of agents and probes across IT/OT infrastructures for continuous protection.
  2. Development of customized detection and reaction rules tailored to biomedical devices and legacy systems, ensuring operational continuity and data integrity.
  3. Integration with the operational workflows of the healthcare facility to reduce reaction times to zero seconds and contain threats without service disruption.

Benefits

  • Instant response to cyberattacks.
  • Maximized IT/OT resilience.
  • Reduced operational costs through automated incident analysis and response.

Regulation

  • GDPR: Protection of patients' personal data.
  • NIS2 Directive: High-security standards for critical infrastructures, including healthcare.
  • Biomedical certifications: Ensuring security without compromising device certifications.