California-based Palo Alto Networks has expanded its IoT security offering to healthcare, simplifying ways to secure medical devices with machine learning (ML) and crowd-sourced telemetry.

Called IoT Security for Healthcare, it simplifies the securing of the internet of medical things (IoMT) through ML-powered visibility, prevention and enforcement, while offering insights on healthcare-specific devices and vulnerabilities. This helps improve data security and patient safety while meeting the needs of both IT and clinical engineering teams.

While the IoT has opened the door for innovative services across industries, it also presents cyber-security risks. This is particularly true in healthcare. According to a recent report from Unit 42, 83% of medical imaging devices are running on unsupported operating systems, making them potential avenues for attackers. Attacks on medical devices such as these can potentially disrupt the quality of care and allow attackers to steal patient data.

IoT Security is designed to ensure healthcare delivery organisations can realise the benefits of IoT for patient care without sacrificing security. It uses machine learning and crowd-sourced telemetry to profile all devices on the network, even those never seen before. It also offers ML-powered policy recommendations to reduce manual effort; intrusion prevention to block exploits; sandboxing to detect and prevent IoT malware; and URL and DNS security to stop IoT attacks via the web.

The healthcare and IoMT security features include:

• MDS² document ingestion: Manufacturer disclosure statement for medical device security documents allow medical device manufacturers to disclose the security-related features of their devices, allowing for deeper vulnerability analysis, tuned anomaly detection and specific recommended policies.
• Operational insights: These insights give biomedical and clinical engineering teams visibility into how, when and where medical devices on their network are being used, allowing teams to optimise resource allocation, improve patient care, make capital planning decisions and reduce maintenance costs.
• Expanded IoMT discovery: With the addition of other medical-specific protocols, App-ID now enables expanded discovery and security for unique IoMT devices and healthcare applications.

“The internet of medical things has the potential to improve healthcare, save lives and bring massive savings,” said Anand Oswal, senior vice president at Palo Alto Networks. “But if not properly secured, these same devices can pose huge risks. Our vision is to give healthcare organisations complete visibility, in-depth risk analysis and built-in prevention so they can get the maximum benefits from this transformative technology while reducing risks to patients and their data.”

Miroslav Belote, chief information security officer at Valley Health System, added: “Initially, Valley Health System’s primary objective was to better understand and enable vulnerability management of medical devices that connect to our network. As the initial step, we needed to identify those devices and understand how and where they connect within our infrastructure. As we looked at and explored various products, we saw great potential and benefits to identify not only biomed, but all network connected devices and systems.”

After several months of comparing various systems, it decided on IoT Security from Palo Alto Networks.

“IoT Security is simple, cloud-delivered, and can be deployed quickly,” said Belote. “The installation, configuration, and initial device discovery was straight forward. Within hours of turning on the system, we began seeing results – inventory, classifications, device and device risk profiles on thousands of devices. With Palo Alto Networks’ IoT Security, we gained complete visibility to over 4000 non-traditional IT devices, about 30% more devices than what we had prior. We now plan to extend our inventory, vulnerability detection, and prevention process and practice as an integral part of our ongoing efforts to protect our IT and IoT assets.”

Matt Silva, chief information security officer at GE Healthcare, said: “Hospitals are turning to GE Healthcare when looking for medical device cyber-security managed services. We augment their existing resources and capabilities by providing a 24/7 med tech security operations centre offering proactive monitoring, vulnerability management and remediation through our Skeye managed services offering. We partnered with Palo Alto Networks as its IoT Security has been specifically designed to look for and protect medical equipment in addition to other IoT devices. This enables us to provide our customers a comprehensive security programme with 360-degree visibility to their medical equipment.”