Shutterstock
Ignite 2022 Day 2: Palo Alto Networks Zeroing In on Medical Device Security
PALO ALTO NETWORKS IGNITE — On Day 2 of Ignite 2022, Palo Alto Networks focused on the importance of medical device security to stop the barrage of cyberattacks on health care organizations that are putting patients’ lives in jeopardy.
Anand Oswal, Palo Alto Networks’ senior vice president of products, network security, gave a briefing on medical IoT security during this week’s Ignite 2022 conference in Las Vegas.
Last week, Palo Alto Networks announced Medical IoT Security, a comprehensive zero trust security solution for medical devices. It enables health care organizations to deploy and manage new connected technologies. Zero trust is a strategic approach to cybersecurity that secures an organization by eliminating implicit trust by continuously verifying every user and device.
Palo Alto’s Anand Oswal
Oswal said health care providers around the world are reimagining patient experience with the use of smart medical devices. These devices are providing breakthrough improvements in patient outcomes. However, they an introduce new threat vectors and become vulnerable assets.
Connected Devices Bring Greater Risk
With connected devices, health care organizations are enhancing patient experience, improving patient outcomes, increasing efficiencies and reducing costs, Oswal said.
All these connected devices bring greater risk, he said. From 2020 to 2021, there was a 200% increase in cyberattacks on health care organizations. At the same time, there’s been a massive increase in devices coming to health care. And by 2030, 1.3 billion additional devices will be coming to health care.
“As a result of these attacks, patient data is compromised, hospital operations are halted and patients’ lives are at risk,” Oswal said.
Some 83% of imaging systems are powered by end-of-life operating systems, he said. Seventy-five percent of infusion pumps have unpatched vulnerabilities. Furthermore, 72% of health care organizations have a mix of IT and medical devices within the same network.
“Vending machines are on same network as medical ER devices,” Oswal said.
You Can’t Protect What You Can’t See
A common instinct when attacked is to shut down and isolate, but that’s not possible with critical infrastructure like health care, Oswal said.
“Why’s it so hard securing medical IoT?” he said. “If you can’t see it on the network, you can’t do anything about it. You’re telling me I have a leak in my house, but not where, what my home warranty is, etc. That’s not good enough.”
Adopting a zero trust approach to securing medical devices is critical, Oswal said.
“Secondly, it’s important to proactively manage your medical devices and simplify compliance,” he said. “Third, simplify security operations and reduce total cost of ownership (TCO).”
Zero trust means knowing and understanding what is connected on your network, and reducing risk with least privilege access controls, while continuously monitoring to block known and unknown threats.
“Know how and when your critical medical devices are being used,” Oswal said. “Safely onboard, optimize and retire your devices. And know your compliance.”
What’s Driving SASE, ZTNA 2.0 Adoption
Palo Alto’s Kumar Ramachandran
During another Ignite 2022 briefing, Kumar Ramachandran, Palo Alto Networks senior vice president of product and go to market, talked about what’s driving adoption of secure access service edge (SASE) and zero trust network access (ZTNA) 2.0. ZTNA 2.0 combines least-privileged access with continuous trust verification, and ongoing security inspection to protect all users, devices, apps and data everywhere.
What’s driving adoption of SASE and ZTNA 2.0 is hybrid work and hybrid cloud, he said.
“We’ve seen a decade or two’s worth of IT transformation get compressed in the last two years,” Ramachandran said. “If you think about it … how we used to build IT and network security infrastructure for the last three decades was mostly branches. People coming to work in a certain location, driving traffic toward a data center, apply security crossing and network crossing, and then from there the traffic goes …
- Page 1
- Page 2
