Palo Alto Networks looks to shore up healthcare IoT security

Palo Alto Networks today rolled out a new Medical IoT Security offering, designed to provide improved visibility, automated monitoring, and more for hitherto vulnerable healthcare IoT frameworks, thanks to machine learning and adherence to zero-trust principles.

Medical device security is a serious problem for most organizations in healthcare, with a long string of reported vulnerabilities in the area stretching back for years. Fundamentally, experts agree, a large part of the problem is that many connected devices being used in medicine were not originally designed for network connectivity. With that feature grafted on after the fact, rather than being designed in from the outset, unsafe default configurations, reliance on compromised code libraries, and a host of other serious issues have continually arisen.

Palo Alto’s healthcare IoT application attempts to circumvent some aspects of the problem by using machine learning for autodiscovery and behavioral tracking of connected devices. Having a full device inventory is already a step forward for many organizations, and, absent built-in security measures, machine-learning-based tracking of behavioral anomalies may be a further improvement in security posture for threats to vulnerable medical hardware.

Analysis determines regulatory compliance for security settings

The company also touts its new product’s capabilities in the realm of compliance, with dedicated analysis of patches and security settings to determine whether they fit regulatory frameworks like HIPAA and GDPR. Additionally, network segmentation—another key method of protecting leaky medical devices from outside threats—is also a core part of Palo Alto’s new product, which offers a visual map of which devices are allowed to communicate with one another.

Meanwhile, the company’s visibility functionality provides automated software bill of materials (SBOM) analysis of all connected devices on the network, comparing them to known vulnerabilities and alerting when CVEs (common vulnerabilities and exposures) are found.

Beyond simple design flaws, medical IoT gadgetry also suffers from access control issues—many vulnerable devices are located in public hospital wards and clinics, meaning that bad actors often have a simple time gaining physical access to them. The pandemic, which pushed many healthcare providers to offer telehealth and virtual care services, only exacerbated the situation.

“The security challenges of medical devices make them an attractive target for cyberattackers,” Palo Alto senior vice president of products Anand Oswal said in a statement accompanying the product’s release. “Attacks on these devices can expose patient data, halt hospital operations, lead to reduced levels of care, and ultimately put patient well-being at risk.”

Palo Alto said that its medical IoT security product would be available in January 2023. It will be sold as a paid add-on to the company’s core firewall products, which are available in hardware, virtual machine, or cloud-delivered form factors. The price is based on a percentage of the list price for the firewall device it is being used with, for the duration of the service. The license for the application can be purchased for a specific amount of time.