Ordr Partners with Sodexo on Managed Cybersecurity Service for Connected Devices in Healthcare! Read more here!

Ordr Publishes Connected Device Security Maturity Model to Guide Healthcare Organizations on the Path to Zero Trust

Santa Clara, CA – November 29, 2022 – Ordr, the leader in connected device security, today published a maturity model aimed at helping healthcare organizations benchmark their connected device security efforts and develop a strategy to improve the efficiency and strength of their security programs.

Entitled “A Practical Guide: Implementing Connected Device Security for Healthcare Organizations,” the document serves as a framework for healthcare security teams, helping them understand where their organization is on the connected device security maturity curve, and where to focus efforts to make improvements. The guide organizes the stages of maturity into five steps, including detailed descriptions, requirements, and the potential business value realized at each stage. Recommended actions, technical considerations, and helpful insights are included as well, to help teams learn how to improve their security posture, become more resilient, and advance their security efforts as they move toward Zero Trust.

Connected devices play an essential role within a healthcare organization – gathering data, providing diagnostics and therapeutic functions, and automating activities. But those same connected devices also expand the attack surface and create risk for healthcare providers. In fact, the healthcare sector faced the most ransomware attacks of any industry last year, according to the FBI’s 2021 Internet Crime Report, resulting in losses of $6.9 billion.

“A majority of healthcare organizations today rely on Internet of Things (IoT), Internet of Medical Things (IoMT), and Operational Technology (OT) devices to provide critical patient care, improve efficiencies, and manage the facility. The truth is, connected devices are everywhere in healthcare, which can make protecting them a daunting task,” said Pandian Gnanaprakasam, Chief Product Officer and co-founder of Ordr. “At Ordr, we’ve gained deep expertise working with customers of all sizes and at all stages of maturity. We understand the complexities that security teams in healthcare struggle with everyday – and we’re proud to share our insights with the community, to be used as a guide on the journey to Zero Trust.”

The five steps of the maturity model include:

  1. Asset Visibility: This stage includes creating a complete, accurate and up-to-date asset inventory by automating discovery and classification for all known, unknown, and new devices, in addition to identifying risks.
  2. Vulnerability and Risk Management: This stage encompasses creating a risk-based view of connected devices by combining device vulnerability insights, establishing device behavior baselines, and reviewing external threat intelligence inputs to gain a comprehensive view of the attack surface, guiding security efforts.
  3. Reactive Security: This stage uses connected device insights and the risk-based view from the previous stages, combined with business context, to help teams understand device risk in their unique environment, prioritizing risk mitigation and incident response efforts.
  4. Proactive Security: In this stage, teams automate policies and workflows to ensure rapid threat detection and response. Teams also develop and implement proactive measures such as Zero Trust segmentation to reduce the attack surface ahead of threats, enabling teams to focus on more complex threats.
  5. Optimized Security: At this stage, teams continue to build on the foundation they have created to expand and optimize their security methods with automation and proactive Zero Trust security policies, aligning and scaling with organizational demands.

“While all industries are at risk of cyberattack, the potential outcomes of attacks on healthcare organizations could be catastrophic, with real consequences for patients,” added Brad LaPorte, author of the guide and former Gartner cybersecurity analyst. “Organizations cannot expect to reach the Optimized Security stage instantly. Each stage establishes critical capabilities, builds upon previous stages, and creates value on the journey to Zero Trust. No matter where you are on this journey and what your ultimate goal is, this guide provides essential insights to understanding your security posture – and what is needed to improve.”

To learn more about Ordr’s connected device security maturity model for healthcare organizations, please sign up for the January 19th Ordr of Business webinar: Healthcare’s Guide to Connected Device Security Maturity Model – The Road to Zero Trust.

.

Ordr Partners with Sodexo on Managed Cybersecurity Service for Connected Devices in Healthcare

Santa Clara, CA – November 9th, 2022 – Ordr, the leader in connected device security, announced today that it has partnered with Sodexo Healthcare Technology Management to deliver a managed HTM and cybersecurity solution that combines the strengths of Ordr’s connected device security platform with Sodexo’s healthcare technology management services expertise. The combined solution — Sodexo Managed HTM Cybersecurity services built on the Ordr platform — delivers the people, process, and technology that healthcare technology management (HTM) teams need to mitigate risks and secure all connected healthcare devices.

In healthcare facilities, connected devices, including Internet of Medical Things (IoMT), have transformed care delivery and are used every day by providers and staff to deliver high-quality, efficient, life-saving medical care. However, while providers depend on the ever-increasing number of connected devices to deliver care, these devices create challenges and complexity for the HTM and IT users responsible for operating and securing them.

At scale, it can be difficult to accurately identify and classify these devices, understand their specific vulnerabilities and risks, determine whether they are available for maintenance, or to locate them for patching. Without strong security protections, unprotected devices can provide an opening for attackers to breach a system or spread ransomware. Addressing security and compliance is especially challenging because these devices often run outdated operating systems and because FDA or manufacturer guidelines may preclude updates.

“Visibility and security of medical devices is critical for healthcare organizations. HTM users need to be able to discover, profile and manage risks associated with these devices. With attacks such as ransomware increasing, it is important to be able to prioritize issues that have the highest impact when it comes to mitigating risks,” said Jim Hyman, CEO of Ordr. “The combination of the Ordr technology with Sodexo’s expertise and deep knowledge of the healthcare environment, will enable HTM teams to securely manage their connected medical devices and improve operational efficiencies.”

The Ordr platform, with successful deployments across hundreds of leading healthcare facilities, can discover and secure everything connected – from traditional servers, workstations, and PCs, to IoT, IoMT, and OT devices. Ordr Clinical Defender is optimized for HTM teams to automate the discovery and inventory of medical devices, accelerate day-to-day tasks, identify and prioritize medical device vulnerabilities, and drive operational efficiencies with device utilization insights.

“Successfully managing today’s expansive healthcare networks requires best-in-class technology that delivers real-time device, utilization and risk insights along with guidance on how to optimize security and performance,” added JT Surgener, Senior Vice President, Technical Services, Sodexo Healthcare. “Through the Ordr and Sodexo managed services offering, organizations will gain access to a powerful, yet easy-to-use healthcare device security platform – along with leading HTM and cybersecurity services, that will help them drive to greater efficiencies and security.”

Sodexo Healthcare Technology Management (HTM) services are tailored to specific hospitals or healthcare systems. Sodexo’s services help optimize medical equipment inventory, advise on equipment replacement and purchases, and provide on-site maintenance and repair.

Key benefits of the Sodexo’s Managed HTM Cybersecurity Solution include:

  • Strategic Insights, Guidance, And Expertise – Sodexo’s highly skilled and motivated technical team integrates with local healthcare teams to solve problems, provide solutions, and continually find innovative ways to maximize assets to ensure smooth and effective patient care.
  • Best-In-Class Tailored Solution – The Sodexo solution combines decades of HTM service delivery expertise with Ordr’s leading connected device security platform. The combined service helps healthcare providers of all sizes drive performance, efficiency, and security.
  • Comprehensive Visibility – Discover and profile every connected device in an environment, with granular details that help maintain an accurate, up-to-date inventory of all assets – and help locate devices for maintenance and patching.
  • Actionable Risk Insights – Understand vulnerabilities and clinical risks to the healthcare environment, prioritize risks and actions, and continuously monitor for threats.
  • Improved Cyber Response – Improve incident response to stop active attacks, while accelerating efforts to improve overall security posture. Tailored recommendations and dynamically generated policies support segmentation and zero trust efforts.

Sodexo’s Managed HTM Cybersecurity Solution leveraging Ordr is available now. For more information on how you can gain insights and control over the connected devices on your healthcare network, contact Sodexo here or visit https://ordr.net/service/sodexo/.

Ordr Appoints Cybersecurity Leader and Industry Expert Jim Hyman as CEO

Santa Clara, CA – November 2, 2022Ordr, the leader in connected device security, announced today that Jim Hyman has been appointed Chief Executive Officer (CEO) and member of the company’s Board of Directors. With more than 25 years of deep experience in cybersecurity and technology, and a proven record of scaling and operating companies for growth, Hyman will use his experience to continue building a world-class organization as the company enters a new phase of growth. Hyman was most recently Chief Operating Officer at Synack, VP Sales at Trusteer prior to its acquisition by IBM, and spent 4 years as the VP of Sales at Zscaler. Hyman succeeds Greg Murphy as CEO, who is leaving to pursue other interests, but will remain an advisor to the company.

“Jim’s background in cybersecurity and his experience across sales, business development and operations make him the perfect leader to accelerate Ordr’s growth. He embodies our customer-centric culture, represents our values, and has a clear vision for Ordr’s future,” said René Bonvanie, Chairman of the Board of Directors at Ordr. “On behalf of the board, I want to thank Greg for his significant contributions as CEO for the past four years.”

With the explosive growth of connected devices, security and IT leaders are looking not only for visibility into what’s actually connected to their network but a complete suite of security features to identify devices with vulnerabilities, detect anomalies and respond to cyberattacks. With Ordr’s connected device security platform, security and IT leaders are able to discover and classify what is connected to the network, in real-time, via an agentless approach.

Ordr identifies devices with risks, such as those with vulnerabilities, running outdated operating systems, behaving anomalously or communicating to a malicious domain. Proactive Zero Trust policies can be applied to keep devices in operation while limiting exposure. When a device is compromised, organizations can move quickly from “detection” to “response” by taking advantage of Ordr’s insights into the device and dynamically generating policies to mitigate risks.

“I’m thrilled to join Ordr at such an exciting time and look forward to building on the company’s foundation of world-class, innovative technology in the connected device security market,” Hyman said. “Ordr is uniquely poised to address visibility and security challenges with the growth of connected devices and also accelerate the digital transformation and Zero Trust initiatives across multiple industries. We have unparalleled technology and an enormous opportunity ahead of us.”

“When we founded Ordr, our goal was to help organizations address their connected device security challenges,” said Pandian Gnanaprakasam, Ordr co-founder and Chief Product Officer. “Our growth and customer momentum validates our best-in-class approach. Jim is the right person at the right time. His experience and passion, combined with Ordr’s extraordinary market position and financial resources, put Ordr in a perfect position to capitalize on new opportunities, offer best-in-class customer experiences, and accelerate growth. I look forward to working with Jim as we continue to scale.”

Ordr Awarded Four Patents Addressing Connected Device Security Challenges

Santa Clara, CA – October 25, 2022 – Ordr, the leader in connected device security, has been awarded four new patents for the visibility and security of the ever-increasing number of devices accessing today’s enterprise networks.

Connected devices are transforming industries and business operations. However, each new device and connection increases an organization’s attack surface. In industries such as healthcare and manufacturing, a cyberattack impacting a connected device can easily disrupt the entire business, or become a life-threatening situation. IoT and OT devices in particular can be essential to digital transformation strategies, but present unique cybersecurity challenges because they are not always designed with security in mind.

“Ordr continues to make significant investments in our technology to enable our customers to address critical connected device security problems. These patents validate the innovation behind our platform  – from visualization of a device profile, mapping of how devices are communicating, to baselining normal behavior so that anomalies can be surfaced. We have best-in-class technology, and the most mature and innovative patent portfolio in this market,” said Pandian Gnanaprakasam, co-founder and Chief Product Officer at Ordr.

Ordr’s new patents represent unique innovations that position the company and its technology as the platform of choice for connected device security, healthcare IoT and IoMT security, and cyber asset and attack surface management (CAASM) challenges:

  • Determining A Device Profile And Anomalous Behavior Associated With A Device In A Network (U.S. Patent 10742687) – This patent highlights Ordr’s ability to group devices and map their communication flows in real-time for behavioral detection. Ordr uses machine learning to baseline the normal behavior of a specific device with a similar set of devices over a specific period of time, to identify anomalies. This behavioral-based anomaly detection is applicable for all agentless devices including medical devices, IT devices such as printers and phones, and IoT devices such as building management systems and video surveillance systems.
  • Presenting, At A Graphical User Interface, Device Photos And Risk Categories Associated With Devices In A Network (U.S. Patent 10979447) – Ordr’s Data Lake includes a knowledge base that identifies devices based on static, dynamic, and flow-level behavioral attributes. Ordr has unique innovations in classifying millions of devices using machine learning and a novel hierarchical organization technique to scale the classification process. Ordr uses this breakthrough technology to classify devices accurately and at scale, with granular details like manufacturer, make, model and more, including the exact picture of the device on the Ordr dashboard, to facilitate asset inventory and incident response. For example, more than 28,000 printers in the Ordr knowledge base are classified with this technology, and this knowledge database grows daily with machine learning.
  • Presenting, At A Graphical User Interface (GUI), A Constellation View Of Communications Associated With Node Groups In A Network (U.S. Patents 10928987, 10656795) – Ordr employs a novel approach to group devices on multiple dimensions. For example, a group can be based on devices – printers, medical devices, cameras, etc. A group can also be defined based on the VLANs they belong to, subnets, or device categories (such as infusion pumps, CT scanners, etc), or business entities such as research departments or operating theater area and so on. Ordr has patented the ability to graphically show this “organization” using a novel technique to make it easy to examine group-to-group communication and its deviations and anomalies. This is critical for pre-segmentation planning to develop policies on what to allow and deny. This is also a great visualization tool to track policy controls post-segmentation enforcement to ensure any business workflow is not affected while malicious traffic is caught immediately.

Ordr Improves Visibility, Security and Management of Connected Devices From Ground To Cloud

Santa Clara, CA – September 21, 2022Ordr, the leader in connected device security, today announced new capabilities and enhancements to its AI-powered platform to help organizations discover, gain essential context, and secure their connected devices everywhere.

New integrations expand the more than 80 integrations within the Ordr Data Lake, to empower organizations with a single source of truth about connected devices and assets in their on-prem, remote, data center, private, public, and hybrid cloud environments. In addition, enhancements have been made to Ordr’s automated segmentation capabilities that help organizations accelerate and scale adoption of a true Zero Trust security posture to protect every connected device.

“Gaining visibility and control across an organization’s entire attack surface of connected assets, is one of the most fundamentally important – yet challenging – tasks facing IT and security teams today,” said Pandian Gnanaprakasam, Chief Product Officer and co-founder of Ordr. “The latest additions to our industry-leading platform will deliver complete ground to cloud visibility – from assets in remote sites, and campus devices, all the way to assets in the cloud. This “whole hospital” or “whole enterprise” approach to security, ensures that no device or connection remains unknown. We’ve also added the ability to more efficiently define and enforce segmentation to accelerate Zero Trust initiatives.”

New Ordr Ecosystem Integrations and Partnerships
The increasing growth of cloud adoption adds a visibility black hole, making it difficult to fully understand how devices are connecting – and what those devices are actually communicating with in the cloud. This increases the risk factors of connected devices exponentially. Ordr 8.1 gives organizations comprehensive visibility into their entire attack surface, from ground to cloud.

“Ordr’s coverage from day one has been excellent, being able to see all connected devices with their whole enterprise and whole hospital approach. Cloud coverage adds a critical new layer of visibility and protection for all organizations,” said Michael Grall, president and CEO, Talus Solutions. “Ordr works closely with its customers, who are some of the largest enterprises and healthcare providers in the country, so you know this solves a real problem. The new integrations are a good leading indicator of challenges organizations face, and Ordr is defining how connected device security needs to continue to evolve.”

Ordr now supports more than 80 integrations. New partnerships and technology integrations announced in Ordr 8.1 enable the following:

  • Asset discovery and visibility in public and private clouds – Completely understand how on premise devices are communicating with assets in cloud environments.
    • AWS – Workloads running in Amazon Web Services (AWS) environments are now visible to organizations using Ordr. Ordr AMI sensor support is also available as part of this release to provide additional insights into AWS workloads.
    • VMware – Extend visibility to VMware workloads running in public, private, and hybrid cloud environments.
  • Network discovery – Automatically discover, classify, and gain context for every connected device on the network. Granular device insights are combined with network details to ensure every discovered device is accurately identified, mapped to its current location, and properly secured.
    • Arista – Collect connectivity data from Arista devices, adding to an already broad portfolio of network infrastructure integrations.
    • Cisco Prime – Expand Cisco Prime integration with multi-instance support to gain connected device details such as physical location, device name, and network.
    • ERSPAN – Extend and optimize Ordr to discover and secure devices in remote sites.
  • Ordr Data Lake enrichment – Integrate with more than 80 tools across the IT infrastructure to gather and enrich connected device details, establishing a single source of truth. Gain a much more complete picture of networks, devices, and the context required to identify risk, quickly respond to threats, and stop attacks. Ordr 8.1 integrations include:
    • BigFix – Improve device insights with additional context such as location, users, vulnerabilities, and the patch state of endpoints.
    • Microsoft DHCP/DNS – Track DHCP assignments to devices for an accurate view of IP address bindings, increasing the fidelity and accuracy of Ordr insights.
    • Osquery – Enable organizations adopting open-source Osquery endpoint agents to collect details from Linux, Windows, and macOS devices using custom query packs.
    • CrowdStrike – See every managed connected device, identify unmanaged devices, and know more about device vulnerabilities and risk combining Ordr insights with CrowdStrike security data.
    • Service Integration page – Manage all Ordr integrations from a new simplified and informative central page in the Ordr Dashboard.

Other recently announced capabilities that enrich the Ordr Data Lake includes Ordr’s own Software Inventory Collector, that simplifies device context collection, particularly installed software and patch data.

“Software Inventory Collector gives us a view of devices and potential threats that has been nearly impossible to keep current,” said Christina Cucchetti, IS&P Operations Specialist from Nexteer Automotive. “We now have a centralized, real-time view of risk for devices across all our sites, while team members that previously spent hours manually collecting device details can focus on patching critical vulnerabilities and protecting our operations.”

Enhanced Automated Segmentation Capabilities
Organizations have struggled to achieve a true Zero Trust security posture because they lack insights needed to understand their connected devices and create appropriate security policies. Many connected devices are unmanaged or un-agentable, and have unique communication requirements. To truly achieve Zero Trust, organizations need deep visibility into connected devices – to understand how and what they’re communicating with – in order to to define, manage, and enforce segmentation.

Ordr collects and learns details needed to provide insights and automate policy creation in support of Zero Trust efforts. This includes discovering and automatically classifying each connected device – and analyzing device communications to establish a baseline for normal activity. With these insights, Ordr automatically creates reactive policies to stop attacks – as well as proactive segmentation policies to improve security.

“Ordr provides the visibility and context into all connected devices to advance our segmentation journey with Cisco ISE,” said Shawn Fletcher, Senior Systems Administrator, St. Joseph’s Healthcare Hamilton. “Ordr greatly simplifies policy administration by providing accurate device baselines that can be generated, tuned, and enforced on groups or individual devices. Ordr responded to our compliance needs with the enhanced Policy Editor and new capabilities such as the Ordr Policy Optimizer which are making it easier to automate and expand Zero Trust across our environment.”

“The power of the Ordr platform has always been its ability to automate device classification and behavioral modeling using AI. This is foundational to our Zero Trust and segmentation strategy. The feature enhancements in Ordr 8.1 will further simplify and optimize how we create and enforce segmentation policies for every connected device,” said Larry Smith, Manager, Cybersecurity Architecture and Engineering, El Camino Health.

Key segmentation features of Ordr 8.1 include:

  • Automated policy creation and customization – Some device communications are infrequent, such as those related to backups or disaster recovery, and need to be accounted for when defining policies – or risk being blocked outright. Additionally, administrative requirements, common services, and other allowed activity must be taken into consideration when creating policies. With new tools such as Ordr Policy Editor, Ordr automated policies can be customized to meet business needs or account for unique requirements.
  • Segmentation policy optimization – Segmentation policies must be reviewed and adjusted to ensure they provide the intended result in an optimized way and can be adapted to new requirements as needed. At the same time, overly complex policies can impact resources such as enforcement and management. New features such as the Ordr Policy Optimizer automatically compress policies, reducing policy size and complexity and making it easier to create, maintain, and enforce.
  • Enforcement scaling – Enforcement points have finite resources – and must process every line of a policy – impacting performance and restricting the number of rules that can be supported. In addition, in large, complex environments, it can be challenging to support enforcement points from different vendors. With Ordr Policy Sharding, policies are automatically separated based on where enforcement or segmentation occurs, making them easier to manage and deploy. With support for enforcement point APIs or other enforcement point mechanisms, Ordr simplifies the distribution and enforcement of policies optimized for your infrastructure.

For more information about how Ordr can help security and IT teams deliver visibility and security for their connected devices, from ground to cloud, please visit www.ordr.net and sign up for the Ordr Masterclass on September 29th at 10 am PT for a technical deep dive on 8.1 security and segmentation features.

Ordr Clinical Defender 8.1 Delivers a Full-Lifecycle Vulnerability Management Platform Optimized for HTM

Santa Clara, CA – August 31, 2022 – Ordr, the leader in connected device security, today announced Ordr Clinical Defender 8.1, providing Healthcare Technology Management (HTM) teams a full-lifecycle vulnerability management platform to more efficiently prioritize and address risks for their connected medical devices.

Clinical engineering teams are tasked with managing thousands of medical devices, many of them critical to patient care and safety. The volume of devices is increasing every day, with equipment from hundreds of manufacturers, running an enormous volume of operating systems. As hospitals merge (or are acquired), the diversity of devices can multiply overnight. The attack surface also continues to expand – while device visibility decreases – as healthcare providers open remote clinics and support telemedicine environments.

Securing the environment of care directly depends on the operational efficiency of the HTM team. With the 8.1 release, Ordr Clinical Defender optimizes the process of managing medical devices and their vulnerabilities. HTM teams benefit from visibility into devices everywhere, with insights optimized based on their function, location, skills, and experience. Critical vulnerabilities are prioritized based on business risks, and simplified workflows assign the right tasks to the right teams. As a result, no time is wasted, and no vulnerabilities go undetected or unaddressed.

“Simply put, HTM teams require more efficient ways to monitor devices and vulnerabilities in an ever-expanding healthcare environment,” said Pandian Gnanaprakasam, Ordr Chief Product Officer and Co-Founder. “Ordr Clinical Defender allows each user to focus on the specific devices they’re responsible for, from a single screen, and helps them understand, prioritize and manage vulnerability workflows based on full business context. This will ultimately improve efficiencies and enhance patient safety.”

The Clinical Defender 8.1 release also adds the Ordr Software Inventory Collector, and integration with Crowdstrike and Crowdstrike Humio to ensure HTM teams have comprehensive device and operating system visibility at their fingertips. Healthcare organizations no longer have to struggle with discovering offline devices, those in remote clinics and locations, and behind VPN connections, making it easy to properly patch software and protect every device everywhere. Healthcare delivery organizations can now also easily manage diverse devices – from un-agentable devices like MRI systems, to medical workstations with agent-based Crowdstrike protections – within the same environment of care.

“The visibility that we now have into our networked devices and their software inventory gives us greater assurance that we are properly maintaining and securing our systems to ensure that we can continue to provide excellent service and patient care,” said Stacy Estrada, Information Security Manager, Montage Health.

“Efficiencies in HTM and clinical engineering teams translate to improvements in patient safety,” said Boyd Hutchins, Director of Clinical Engineering, Arkansas Children’s Hospital. “With the enhancements in Ordr Clinical Defender 8.1, HTM teams will now be able to manage the complete vulnerability lifecycle for all clinical devices. Ordr takes us beyond vulnerability monitoring and remediation to visibility into system utilization, instant access to system configuration, software levels, and location within our system.”

Clinical Defender was built on Ordr’s foundational asset and risk management features and developed with best practices from the top healthcare delivery organizations in the world. Now with comprehensive visibility into the software “stack” essential to understand vulnerabilities, Ordr makes it easy for HTM teams to work with their security teams to address the shared goal of patient safety.

“Ordr Clinical Defender has been an invaluable tool to help our clinical engineering teams improve the management and security of our IoMT devices,” said Dave Yaeger, Biomed Security DBA for ProHealth Care. “The advancements in the latest release support our whole hospital security approach across the healthcare system and will evolve the way our clinical engineering and security teams work together to manage device vulnerabilities and risks.”

Ordr Clinical Defender 8.1 delivers the following:

  • Risk reduction through Full-Lifecycle Vulnerability Management – Ordr simplifies how healthcare delivery organizations manage the complete vulnerability lifecycle for connected healthcare devices.
    • View all risks on a single vulnerability dashboard – Ordr now provides a single clinical vulnerability dashboard to help view all clinical vulnerabilities, across all vulnerability databases.
    • Prioritize vulnerabilities based on risks – Ordr’s Customizable Clinical Risk Score allows HTM teams to plan and prioritize remediation efforts. Risk scores are automatically calculated based on environmental factors and device lifesaving capabilities and are easily customized to align with organizational goals.
    • Optimize mitigation efforts – Leverage simplified workflows to collaborate across teams and manage the entire lifecycle of vulnerabilities. Custom Tags can be used to associate devices with applications, location, priorities, groups, individuals, or other key attributes, to simplify management of vulnerabilities across teams.
    • Collaboration with security teams – Ordr now integrates with Humio, Crowdstrike’s scalable log management platform, sharing medical device context to facilitate better collaboration with security teams.
  • Operational efficiency by aligning to HTM roles and responsibilities – Ordr enables users to group devices based on real-world business functions, allowing each user to see all devices under their management – and only those devices. Devices may be grouped by device type, across multiple types, by location, cost center, ownership, or any other business logic. This is useful when a mix of devices such as workstations, medical equipment, security cameras and more must be managed and maintained by an individual or group.
    • Enhanced security by eliminating device blind spots – Ordr Software Inventory Collector and Ordr’s new integration with Crowdstrike eliminate blind spots by gaining granular details of all connected devices everywhere.
    • Simplify how device context is gathered – Ordr Software Inventory Collector simplifies how device context, including vulnerabilities, can be gathered for all managed and unmanaged devices on all leading operating systems, no matter where and how the devices and users connect. This includes devices offline or online, in remote locations, and connected behind VPN or gateways.
  • Comprehensive visibility for all devices, managed and unmanaged – Ordr now integrates with Crowdstrike. The integration provides healthcare delivery organizations with comprehensive visibility across all devices, managed and unmanaged. Insights from devices with Crowdstrike agents are integrated within the Ordr DataLake to enhance device context.

“Ordr tracks IoT, OT, and medical devices where the CrowdStrike agent cannot be installed. By integrating Ordr’s dataset with Falcon’s in Humio, Crowdstrike’s scalable log management platform, this solution provides our customers unprecedented observability and visibility on all devices, agent or agentless, 24×7, online or offline,” said Adam Hogan, SE Director, Humio, CrowdStrike.

“Connected devices in healthcare bring unique risks. Ordr Clinical Defender 8.1 demonstrates Ordr’s continued focus on innovation, and will allow us to help healthcare providers to more effectively manage clinical vulnerabilities across the full lifecycle and safely deliver connected care,” said Carter Groome, CEO, First Health Advisory.

To learn more about Ordr Clinical Defender 8.1 and how it can help your HTM team stay on top of connected device security, visit https://ordr.net/platform/whats-new and www.ordr.net/clinical-defender. Sign up for the Ordr Masterclass on September 15, featuring a deep dive into Ordr Clinical Defender 8.1 features.

Ordr Secures $40 Million in Series C Funding to Answer Increased Demand for Connected Device Security

Santa Clara, CA – June 1, 2022 – Ordr has raised an additional $40 million to meet the growing need for organizations to understand, manage, and secure the growing number of connected devices in their environment, including Internet of Medical Things (IoMT), Internet of Things (IoT), and Operation Technology (OT). The funding round was co-led by Battery Ventures and Ten Eleven Ventures, with participation from new investor Northgate Capital and continuing investors Wing Venture Capital, Unusual Ventures, Kaiser Permanente Ventures, and Mayo Clinic. Other investors in Ordr’s Series C include Silicon Valley entrepreneurs René Bonvanie, former CMO of Palo Alto Networks, Dan Warmenhoven, former Chairman and CEO of NetApp, and Dominic Orr, former Chairman and CEO of Aruba Networks. With this funding, Ordr has raised more than $90 million to date.

Ordr addresses two key enterprise initiatives associated with a growing reliance on and adoption of connected devices: digital transformation and Zero Trust. Each new device connection increases an organization’s attack surface, along with the potential for a breach or ransomware attack. In industries such as healthcare and manufacturing, a cyberattack impacting an IoT device can easily disrupt the entire business or become a life-threatening situation. For organizations to move quickly from “detection” to “response” requires insights into the compromised device, where it’s located, and what policies can be applied.

Ordr offers complete and accurate asset visibility, automates and enforces Zero Trust policies, and accelerates incident response by hours with insights into devices and risks. As a result, Ordr experienced more than 140% year-over-year growth in new customer revenue in its most recent quarter ending on March 31, 2022, is deployed in 3 of the world’s top 6 hospitals, and has been adopted across more than 150 manufacturing sites.

“Ordr has built a platform that not only solves an important market issue – the need to definitively understand and protect what is connecting to your organization’s network – but is truly scalable to keep pace with the speed of today’s businesses. We’ve worked with Ordr’s team and seen firsthand how well they’ve executed against aggressive goals. This additional funding will accelerate Ordr’s market leadership and success in the market,” said Dharmesh Thakker, general partner at Battery Ventures.

“We believe the connected device security market needs a strong, open, and independent player that prioritizes customer success, focuses on time-to-value, and integrates with all the key components of a customer’s security and network infrastructure. This funding validates our best-in-class approach and solidifies our leadership in the market,” said Greg Murphy, Ordr CEO.

Ordr plans to use the Series C funding to accelerate its sales and marketing efforts, especially in vertical markets such as healthcare, where the company has been named a market leader in the Healthcare IoT security industry by analyst firm KLAS Research for three consecutive years. The company will also look to further capitalize on steadily increasing demand from manufacturing and financial services, expand its channel and partnership programs, and accelerate investments in customer success.

“In order to advance their digital transformation goals, every organization needs to enable the visibility and security of connected devices, including IoT, IoMT, and OT. Ordr is a much-needed innovator in the market, with the ability to not only deliver granular visibility into devices, risks, and behaviors, but also automate and enforce Zero Trust policies to secure these devices from attacks,” said Justin Stebbins, partner, Northgate Capital.

“As an early investor in the company, I have witnessed Ordr’s impressive product evolution and growing traction within critical sectors, including healthcare, manufacturing, education, and extended enterprise IoT. They have developed one of the most scalable and technically robust platforms in the market, and some of the world’s leading organizations depend on it to fulfill important security needs and deliver business insights. The time is right to accelerate the company’s mission to be the leader in connected device security. We believe in their success and look forward to the next chapter.” said Alex Doll, Founder and Managing Partner of Ten Eleven Ventures.

Since its last round of funding, Ordr has experienced tremendous growth, coinciding with an increased understanding of the organizational risk represented by unknown connected devices. Some additional highlights since the last funding round include:

“Data privacy and security are imperative IT initiatives within the healthcare industry with connected device security in particular as a critical need given the increase in connected devices in health care facilities. Kaiser Permanente Ventures is pleased to continue its investment in Ordr as a key technology leader in this space, to help protect connected devices automatically, preemptively and at scale across the enterprise,” said Chris Stenzel, executive managing director, Kaiser Permanente Ventures.

Continuing the momentum of the past year, Ordr today also strengthened its executive team with the addition of Paul Davis as the company’s new vice president of customer success. Paul has decades of experience in customer-facing roles at Axis Security, Splunk, Cisco, and other leading organizations. At Ordr, he will be responsible for managing customer relationships and ensuring the successful implementation and use of Ordr technology.

Ordr Integrates With Cisco’s Flagship Catalyst 9000 Series Switches To Simplify Deployments and Accelerate Cisco ISE and SDA Initiatives

Santa Clara, CA – May 3, 2022 – Ordr, the leader in connected device security, announced the availability of the Ordr Sensor as a hosted application on the Cisco Catalyst 9000 series switches. The company’s latest integration with Cisco extends seamless visibility, comprehensive insights and security for connected devices in every environment – including data center, campus, and branch offices. Ordr and Cisco have a deep and long standing partnership, in which Ordr provides deep visibility and context that enables customers to leverage the full power of Cisco’s infrastructure – including Cisco Meraki, Cisco Identity Services Engine (ISE), Cisco Software-Defined Access (SDA) and Cisco Trustsec – to secure their IT, IoT (Internet of Things), OT (Operational Technology) and IoMT (Internet of Medical Things) devices.

You cannot secure the modern enterprise without understanding what devices are connected to your network, what they are doing, and what vulnerabilities they have,” said Pandian Gnanaprakasam, Chief Product Officer and co-founder of Ordr. “It has been operationally challenging for some organizations to gain this level of visibility for all devices, in all locations. Now, in any environment with Cisco Catalyst 9000 series switches, Ordr enables IT organizations to immediately see and secure all these devices.

Ordr makes it easy to keep the connected enterprise secure by showing customers exactly what devices are in their environment, the systems they communicate with, and the risks they bring, while providing automated policies to secure them. Ordr not only identifies devices with vulnerabilities, weak ciphers, expired certificates, and active threats, but also uses machine learning to continuously baseline normal behavior. The combination of device and risk insights, behavioral analysis, and automated policy creation accelerates Cisco ISE and SDA deployments. 

“Embedding Ordr within the Cisco Catalyst 9000 allows customers to discover and secure connected devices in locations where it is not possible or not practical to deploy a hardware sensor, such as a branch office or other remote location. This, combined with Ordr’s strengths in accelerating Cisco ISE and SDA deployments, will streamline Zero Trust security for every organization,” said Chris Kuhl CTO and CISO, Dayton Children’s Hospital

“The explosive growth of connected devices means companies are more invested than ever in visibility and security solutions,” added Rob Parsons, Director, Network and Security Practice/Portfolio at Insight. “Remote offices are often underserved by security because they lack integration with core security tools. Ordr’s connected device security platform and Cisco’s industry-leading switching products combine to create a powerful value proposition for our clients. The results are simplified deployments, comprehensive visibility across every office, and accelerated Zero Trust and Cisco ISE initiatives.”

With this integration, even in smaller office locations, enterprises gain comprehensive visibility into connected assets, risks, network connectivity, device behavior, and utilization, as well as the ability to apply segmentation to the network edge. 

Key Ordr and Cisco Catalyst 9000 Integration Benefits

  • Secure More Devices: Extend Ordr to secure connected devices in data center, campus, branch office, or other remote locations. 
  • Quick Deployment: The Ordr sensor is deployed in a matter of minutes as a pre-packaged Docker container application hosted on any Cisco Catalyst 9000 switch, and can be easily deployed to hundreds of switches from the Cisco DNA Center. 
  • Reduced Footprint and Cost: By leveraging existing Cisco Catalyst 9000 switches as distributed Ordr sensors, the deployment footprint and costs are reduced.
  • No Performance Impact: Ordr takes advantage of Cisco Catalyst 9000’s dedicated application hosting compute, storage, and memory – so there’s no impact to switch performance.

Accelerating Security Across the Cisco Product Suite 

Ordr’s close relationship with Cisco includes integrations with multiple products, including the Cisco ISE, Cisco SDA, Cisco Catalyst 9000 switching family, Cisco Meraki, Cisco TrustSec, Cisco Secure Network Analytics (Stealthwatch), and Cisco Prime Infrastructure.

In addition, Ordr has recently become a Cisco Meraki Ecosystem Partner. Now available on the Cisco Meraki Marketplace, Ordr helps customers analyze their Meraki cloud data to see, know, and secure all connected devices, across all campus, branch, small office/home office (SOHO), and VPN connections.

Ordr’s deep integrations across the Cisco portfolio help customers add the end-to-end visibility and security needed to accelerate the deployment of Cisco ISE and SDA solutions. Ordr’s device classification, network awareness, security intelligence, and ability to auto-generate enforcement rules simplify the process of creating, provisioning, and managing an IoT, IoMT and OT segmentation policy.

For more information about how Ordr can help strengthen the visibility, security and overall management of all your Cisco deployments, please visit www.ordr.net/partners/cisco and attend the Ordr Masterclass on May 19th

About Ordr:

Ordr makes it easy to secure every connected device, from traditional IT devices to newer and more vulnerable IoT, IoMT, and OT. Ordr Systems Control Engine uses deep packet inspection and advanced machine learning to discover every device, profile its risk and behavior, map all communications and protect it with automated policies. Organizations worldwide trust Ordr to provide real-time asset inventory, address risk and compliance and accelerate IT initiatives. Ordr is backed by top investors including Battery Ventures, Wing, and TenEleven Ventures. 

For more information, visit www.ordr.net and follow Ordr on Twitter and LinkedIn.

 

Media Contact:

Jeff Drew

Guyer Group for Ordr

ordr@guyergroup.com

(617) 233-5109

Ordr Named in the 2022 Gartner® Market Guide for Medical Device Security Solutions

SANTA CLARA, Calif.March 15, 2022 /PRNewswire/ — Ordr, the leader in connected device security, has been named a Representative Vendor in the 2022 Gartner Market Guide for Medical Device Security Solutions for the second year in a row.

Ordr was named a Representative Vendor in the 2022 Gartner Market Guide for Medical Device Security Solutions.

“The variety and scale of security risks are significant in the IoMT-rich healthcare environment and create a large and complex threat surface. At the same time, most sensor-based things have minimal internal computing resources, with limited opportunities to install antivirus, encryption and other forms of protection. However, they commonly connect to HDO back-end computing resources and require protection,” said Gregg Pessin, Sr. Director Analyst at Gartner.

The Market Guide for Medical Device Security examines the growing market for solutions that address software, hardware, and network and data protection requirements for an HDO’s IoMT devices. These solutions enable organizations to securely manage IoMT devices, ensure IoMT endpoint and data integrity, and perform asset discovery.

Three key findings were called out in the Gartner report:

  • “Most healthcare delivery organization (HDO) CIOs and chief information security officers (CISOs) do not have an up-to-date, complete and accurate inventory of the medical devices within their enterprises. This thwarts efforts to protect their healthcare delivery environments from continuous security threats.
  • Internet of Medical Things (IoMT) and Internet of Things (IoT) device populations are growing in size and diversity within HDOs. This growth drives increased smart device network traffic and the size and complexity of the resulting threat surface.
  • Market solutions that address these issues started with simple discovery and risk scoring, and have developed into full-fledged security protection systems for IoMT populations inside HDOs.”

“The number of connected devices in healthcare organizations has grown exponentially. Unfortunately, this brings with it a significant increase in attack surface,” said Greg Murphy, CEO of Ordr. “Ordr works with leading healthcare organizations to profile every connected device, deliver actionable insights into threats, vulnerabilities, and anomalous behavior, and secures every device with automated policies. We are pleased to be recognized by Gartner as a Representative Vendor to address critical visibility and security requirements within healthcare.”

Ordr recently announced its Clinical Defender solution, which gives Health Technology Management (HTM) professionals visibility into exactly what medical devices are connected to an organization’s network. The solution enables one-click access to critical HTM data, accelerates risk remediation workflows, and delivers device utilization insights.

To download the 2022 Gartner Market Guide for Medical Device Security Solutions, click here.

Ordr to Share Insights on Healthcare Security Best Practices at HIMSS

SANTA CLARA, Calif. and ORLANDO, Fla.March 10, 2022 /PRNewswire/ — Ordr, the leader in connected device security, announced today its participation at HIMSS 22 Global Health Conference & Exhibition, taking place from March 14-18, 2022 in Orlando, FL at the Orange County Convention Center.

Ordr CEO Greg Murphy and Ordr security experts will be presenting on best practices to securing healthcare organizations alongside Mayo Clinic, Cleveland Clinic and Dayton Children’s Hospital. As a sponsor, the company will showcase and demonstrate its latest Ordr 8 and Ordr Clinical Defender innovations at Booth # 309. Ordr demos will also be featured at Cisco’s Booth # 1559 on Tuesday, March 15, 2022.

Ordr speaking sessions:

  • Mayo Clinic’s IoT Journey: From Asset Inventory to Cybersecurity
    • Speakers: Mark Manning, Division Chair, Healthcare Technology Management at Mayo Clinic, and Greg Murphy, CEO at Ordr
    • Topic: The Mayo Clinic’s approach to securing connected devices in healthcare.
    • When: Monday, March 14, 2022 at 3:20 PM EDT
    • Where: Rosen Centre, Junior Ballroom F
  • Medical Device Cybersecurity Playbook
    • Speaker: Danelle Au, CMO at Ordr
    • Topic: The cybersecurity playbook on what you should do before, during and after an attack.
    • When: Wednesday, March 16, 2022 at 10:15 AM EDT
    • Where: Orange County Convention Center, Hall A, Booth 300, Cybersecurity Theater B
  • Battling Ransomware in Healthcare
    • Speakers: Kevin Tambascio, Manager, Cybersecurity IT/OT Attack Surface Reduction at Cleveland Clinic, and Srinivas Loke, Senior Director, Product Management at Ordr
    • Topic: Best practices for ransomware detection and response.
    • When: Thursday, March 17, 2022 at 8:30 AM EDT
    • Where: Orange County Convention Center, W311E
  • A Practical Approach to Zero Trust Security in Healthcare
    • Speakers: Christopher Kuhl, CISO and CTO at Dayton Children’s Hospital, and Greg Murphy, CEO at Ordr
    • Topic: Dayton Children’s Hospital best practices and approach to implementing a zero trust architecture.
    • When: Thursday, March 17, 2022 at 11:30 AM EDT
    • Where: Orange County Convention Center, W311E

Ordr recently announced its new Clinical Defender solution, which delivers one-click access to critical data, accelerates risk remediation workflows, and delivers device utilization insights to Health Technology Management (HTM) professionals. As the number of connected medical devices within a healthcare organization continues to grow, the size of the potential attack surface expands as well. With critical services and patient care at risk, it is more critical than ever before for HTM teams to gain visibility into exactly what devices and equipment are connecting to a company’s network.

For more information on Ordr’s presence and activities at HIMSS 2022, please visit here. Ordr will be at booth # 309 during the event for any attendees who would like to learn more about the company’s ability to help healthcare organizations gain visibility and security into their connected devices.

Ordr CEO Greg Murphy is available for meetings and can share insights about top of mind connected device and security issues facing healthcare teams. If interested in connecting, please reach out to our media contact, who will be able to broker an introduction and schedule a meeting.