What You Should Know:
– Philips partners with CyberMDX, a leader in connected medical device security, to provide vendor-neutral solutions to protect connected medical systems and devices.
Philips, today announced the introduction of the Philips Cybersecurity Services for seamlessly integrating and enhancing strategic security solutions for Philips customers. The Philips Cybersecurity Services comprise an end-to-end suite of technologies and services to safeguard customers’ medical systems, devices and related software solutions regardless of their manufacturer, helping empower digital transformation in healthcare.
Created as a platform for partnership with healthcare customers, the Cybersecurity Services help define and implement strategic and tactical software and device protection. The Cybersecurity Services are designed to be customized and optimized for present and emerging individual customer needs for their healthcare environments. As requirements evolve, the Cybersecurity Services will provide guidance on how to adapt to provide optimum protection and support. The services will initially be deployed in the U.S., with expansion to other geographies planned for 2021.
Partnership with CyberMDX
Philips’ integrated Cybersecurity Services are supported by a new partnership with CyberMDX, a leading provider of healthcare cybersecurity capabilities for hospital digital environment mapping and evaluation, medical device risk assessment, security prioritization, threat detection and intelligence, intrusion prevention, and related support. Data and insights collected through CyberMDX form a core foundation for development and implementation of a full cybersecurity plan for individual customers.
“Both CyberMDX and Philips strive to make healthcare a safer place by continuously building out more robust cybersecurity solutions,” said Amir Magner, Co-founder and CEO of CyberMDX. “Our industry leading multi-vendor Healthcare Security Suite works to protect all connected devices in hospital environments, whether managed or unmanaged, by leveraging a combination of risk assessment, detection, threat intelligence and prevention capabilities.”
The Philips Cybersecurity Services offerings comprises of:
Cybersecurity Consulting – Security experts provide risk and vulnerability assessments of medical systems, regulatory compliance support, and guidance for seamlessly integrating security response and recovery across suppliers.
Cybersecurity Protection and Upgrade Services – Technology and service offerings work to keep systems secure through software upgrades to the latest security standards, medically validated OS patching, and network segmentation. Philips navigates the balance between required security protections, minimizing downtime, as well as maximizing the lifetime usage of systems and devices.
Cybersecurity Detection and Recovery Services – Identifying and monitoring the security posture of medical assets and systems 24/7. When needed, these services trigger response and recovery workflows. The services identify incidents with a focus on a healthcare context to avoid data overload, and then initiates remediation actions enabling operations to resume as soon as possible.
Cybersecurity Access & Audit Services – Access and audit services help maintain control over employee and vendor system access, and allow for streamlined/compliant auditing of procedures and data. This provides essential insights into a hospital’s security profile – indicating strengths and potential vulnerabilities.
End-to-End Security by Design
Philips’ cybersecurity approach is defined by its end-to-end “Security by Design” principles, infusing security from product design and development, through testing and deployment – followed up with robust policies and procedures for monitoring, effective updates, and incident response management. Philips has also contributed to the development of national and international cybersecurity standards for medical devices. The Philips Cybersecurity Services aligns with global cybersecurity best practices and internationally recognized standards.