Palo Alto Networks has added new capabilities to its Medical IoT Security product, which it says will take connected device security in healthcare to the next level. While the proliferation of connected medical devices is an important enabler of high-quality patient care, it also brings an increased risk of vulnerability to security breaches, cyber-attacks and service disruptions.
Solutions such as Palo Alto Networks’ Medical IoT Security offer healthcare security decision makers the opportunity to take a proactive approach to reducing that risk by providing end-to-end visibility across the entire network.
Among the benefits delivered by the new capabilities are more comprehensive device visibility through improvements in device discovery; easier understanding of device context and risk through intuitive visualisation; improved efficiency of vulnerability remediation through risk-based prioritisation; and unified, simplified security management.
Seeing is believing
Device discovery is the first step to securing critical medical devices, but you can’t secure what you can’t see. Palo Alto Networks already takes a robust approach to device discovery, and continues to enhance its Machine Learning (ML) algorithm to discover and classify new network-connected devices at scale.
However, device attribute data is not always readily retrievable from network traffic logs – there may be insufficient traffic to analyse, for example, or data from remote devices does not pass through the hospital firewall. The introduction of selective polling means the product can now retrieve this data when it is not available through passive network traffic analysis.
Intuitive visualisation
Hospital network security managers need simple and modern visualisation tools to draw actionable insights from the increasingly rich and diverse volume of medical device data. Palo Alto Networks has added a number of updates to its device details page to provide users with a greater understanding and control of their connected devices. These include an at-a-glance view of 20 key device attributes, which can be selected from a list of more than 100, and visualisation tools that help users to spot and investigate anomalous or risky device behaviour.
These new capabilities give both network security and biomedical/clinical engineering teams the choice of drilling down into device information tailored to their specific needs, take remedial action or use insights to plan preventative maintenance or vulnerability scans.
Managing vulnerability
Service disruption caused by a cyber security attack can have an impact on patient outcomes as well as revenues. Palo Alto Networks has introduced risk-based vulnerability priority classification to help reduce operational risk, which evaluates threat likelihood indicators and the impact on a healthcare institution should its clinical assets be compromised.
This subscription feature also offers virtual patching capabilities. These can help to prevent cyber-attacks from exploiting known vulnerabilities by applying compensating controls to mitigate risk while asset owners await maintenance windows for potential patching, thereby extending the lifespan of End of Life (EOL) devices. This allows clinical and security teams to keep critical systems available and reliable while delivering patient care.
Closing the loop
Palo Alto Networks aims to give customers full visibility and protection of all network-connected endpoints within a single platform. In hospitals, this requires a mainstream, network-based, comprehensive platform approach to securing all connected devices. Medical IoT Security is now fully integrated with the vendor’s recently announced Strata Cloud Manager (SCM), an AI-powered, Zero Trust management solution which strengthens security and prevents network disruptions consistently across all enforcement points.
It has also integrated the product with Cortex XSIAM, its AI-driven platform which combines Security Operations Center (SOC) capabilities, uses AI for accurate threat protection, and applies an automation-first approach to security operations. This unifies security operations management across all connected endpoints within one seamless interface.
###
To learn more about how your healthcare organisation can benefit from these new capabilities, attend an upcoming Hands-on-workshops and try out the product for free by registering here to get a 30-day trial of Medical IoT Security.
This post was originally published on the 3rd party site mentioned in the title of this this site