What You Should Know:
What You Should Know:
– Palo Alto Networks (NASDAQ: PANW) announced Medical IoT Security — the most comprehensive Zero Trust security solution for medical devices — enabling healthcare organizations to quickly and securely deploy and manage new connected technologies. Zero Trust is a strategic approach to cybersecurity that secures an organization by eliminating implicit trust by continuously verifying every user and device.
– As healthcare providers use digital devices such as diagnostic and monitoring systems, ambulance equipment and surgical robots to improve patient care, the security of those devices is as important as their primary function.
Introducing Medical IoT Security to Protect Connected Devices Critical to Patient Care
While a Zero Trust approach is critical to help protect medical devices against today’s innovative cyber threats, it’s hard to implement in practice. Through automated device discovery, contextual segmentation, least privilege policy recommendations, and one-click enforcement of policies, Palo Alto Networks Medical IoT Security deliver a Zero Trust approach in a seamless, simplified manner. Medical IoT Security also provides best-in-class threat protection through seamless integration with Palo Alto Networks cloud-delivered security services such as Advanced Threat Prevention and Advanced URL Filtering.
“The proliferation of connected medical devices in the healthcare industry brings a wealth of benefits, but these devices are often not well secured. For example, according to Unit 42, an alarming 75% of smart infusion pumps examined on the networks of hospitals and healthcare organizations had known security gaps,” said Anand Oswal, senior vice president of products, network security at Palo Alto Networks. “This makes security devices an attractive target for cyber attackers, potentially exposing patient data and ultimately putting patients at risk.”
The new Palo Alto Networks Medical IoT Security uses machine learning (ML) to enable healthcare organizations to:
1. Automate device security: Create rules that can watch devices for behavioral anomalies and automatically trigger appropriate responses. For example, if a medical device that typically only sends small amounts of data at night suddenly begins to use a lot of bandwidth, the device can be cut off from the internet and security teams can be alerted.
2. View device risk posture: Get immediate insights into the risk posture of each device including end-of-life status, recall notification, default password alert and unauthorized
external website communication.
3. Understand device vulnerabilities: Access each medical device’s Software Bill of
4. Materials (SBOM) and map them to Common Vulnerability Exposures (CVEs). This mapping helps identify the software libraries used on medical devices and any associated vulnerabilities.
5. Verify network segmentation: Visualize the entire map of connected devices and ensure each device is placed in its designated network segment. Proper network segmentation can ensure a device only communicates with authorized systems.
6. Improve compliance: Easily understand medical device vulnerabilities, patch status and security settings then get recommendations to bring devices into compliance with rules and guidelines such as the Health Insurance Portability Accountability Act (HIPAA), General Data Protection Regulation (GDPR), and similar laws and regulations.
7. Simplify operations: Two distinct dashboards allow IT and biomedical engineering teams to each see the information critical to their roles. Integration with existing healthcare information management systems, like AIMS and Epic Systems, helps automate workflows.
Healthcare organizations are using Palo Alto Networks products to secure devices that deliver cutting-edge care to millions of patients all over the world.
“Establishing and maintaining acute situational awareness of the Internet of Medical Things (IoMT) environment is paramount to establishing an effective enterprise cybersecurity program. The ability to accurately detect, identify and respond to cyber threats is critical to ensuring minimal operational impact to clinical operations during a cyber event,” said Tony Lakin, CISO, Moffitt Cancer Center. “Palo Alto Networks IoT capability seamlessly integrates with our continuous monitoring processes and threat-hunting operations. The platform consistently provides my teams with actionable information to allow them to proactively manage the threat surface of our medical device portfolio.”