Palo Alto launches medical IoT cyber security protection


Palo Alto Networks is to introduce new features and capabilities for medical Internet-of-Things (IoT) devices to protect them against cyber attacks.

The company has launched Medical IoT Security, a comprehensive Zero Trust security solution specifically for digital healthcare.

Zero Trust is the highest level of cyber security and requires all internal and external users to be authenticated, authorised and continuously validated before gaining access to applications and data.

The new Palo Alto Networks Medical IoT Security makes use of machine learning and supports organisations to deploy and manage new connected technologies quickly and safely.

It can be integrated with existing healthcare information management systems, like AIMS and Epic Systems, to help automate workflows.

The solution allows users to create device rules with automated security responses, for example monitoring for behaviour anomalies and triggering appropriate responses.

Recommended least-privileged access policies for medical devices can also be enforced with one click using Palo Alto Networks’ next-gen firewalls or supported network enforcement technologies.

This takes away the need for manual policy creation which can lead to errors and be time-consuming and allows it to be scaled across a set of devices.

Other capabilities include understanding device vulnerabilities and risk posture to gain immediate insight, improving compliance with rules and guidelines, and verifying network segmentation.

In addition, Medical IoT Security seamlessly integrates with Palo Alto Networks’ cloud-delivered security services to deliver threat protection.

Digital devices are widely used within the healthcare industry, particularly for diagnostics and monitoring, and include ambulance equipment and surgical robots.

Yet, 98% of all medical IoT device traffic is unencrypted, while 57% of IoT devices are vulnerable to medium or high-severity attacks, according to research from Unit 42, Palo Alto Networks’ threat intelligence and consulting arm.

Anand Oswal, senior vice president of products, network security at Palo Alto Networks, said: “The proliferation of connected medical devices in the healthcare industry brings a wealth of benefits, but these devices are often not well secured.

“For example, according to Unit 42, an alarming 75% of smart infusion pumps examined on the networks of hospitals and healthcare organisations had known security gaps.

“This makes security devices an attractive target for cyber attackers, potentially exposing patient data and ultimately putting patients at risk.”