Palo Alto Networks Introduces Medical IoT Security




The increased adoption of IoT within the healthcare industry, in everything from patient health monitoring to smarter facilities, has resulted in improved patient care and outcomes and operational efficiencies previously unattainable. However, attacks on healthcare providers have been on the rise. In fact, healthcare has been the most breached industry, with the highest average cost of a breach compared to other industries, over the past 11 years (2010-2021).


Palo Alto Networks has announced a solution for healthcare providers: Medical IoT Security.


Zero Trust-Based Medical IoT Security


In response to the life-threatening attacks on connected healthcare devices, Palo Alto Networks designed a solution purpose-built to protect them. Medical IoT Security, based on the principles of Zero Trust security, provides comprehensive protection for the connected medical devices that have left healthcare providers bearing the brunt of cybercriminals’ attacks.


The Zero Trust-based Medical IoT Security framework provides a set of unified guiding principles and tools for cybersecurity teams, clinical engineering teams, compliance teams, and other stakeholders in the healthcare system.  


Medical IoT Security enables healthcare organizations to:


  • Quickly discover and assess every device: Combines machine learning with Palo Alto Networks App-ID™ technology and crowdsourcing to provide visibility and insights into all medical, IoT, and IT devices, even those never seen before. 
  • Easily segment devices and enforce security policies: Automates Zero Trust protections with least privilege policy recommendations, one-click enforcement, and context-aware segmentation to stop zero-day threats from spreading.
  • Protect against known and unknown threats: Uses inline ML to detect risk and anomalous activity before an attack can be launched.
  • Simplify operations: Integrates with existing IT and security solutions to eliminate medical device blind spots and automate workflows.


Some of the Medical IoT Security features designed specifically for the healthcare industry include:


  • Network segmentation verification: Visualize the entire map of connected devices and ensure each device is placed in its designated network segment. Proper network segmentation can ensure a device only communicates with authorized systems.
  • Enhanced risk analysis with MDS2 and SBOM device information

    • Ingests Manufacturer Disclosure Statement for Medical Device Security (MDS2) information to extract the security-related features of manufacturers' products and enable deeper vulnerability analysis.
    • Medical IoT Security maps certain applications and attributes in the Software Bill of Materials (SBOM) to Common Vulnerabilities and Exposures (CVE) entries for more accurate medical device risk assessment. SBOM disclosure is a key requirement of the Executive Order on Improving the Nation’s Cybersecurity to help provide software transparency into the supply chain. Medical IoT Security can also share the SBOM information with backend systems like ServiceNow in the industry-standard SPDX data ingestion format. This capability adds to our current extensive risk and vulnerability assessment based on MDS2, CVEs, FDA Recalls, behavior anomalies, Unit 42 Threat Research, and more.
  • Medical device data communication tracking: Medical IoT Security uses an App-ID-enhanced DPI engine to collect rich metadata on IoT device communications. This metadata is applied to the 3-tier ML to observe IoT device behaviors across 5 dimensions (e.g., application protocols, payloads, and internal vs. internet communications, including their destinations, types, frequency, and length) and compare them against expected/trusted behaviors. Our ML algorithms, equipped with device identity, can identify anomalies such as unexpected applications and abnormal internet and inter-VLAN communications.
  • Compliance adherence: Easily understand medical device vulnerabilities, patch status, and security settings, then get recommendations to bring devices into compliance with rules and guidelines, such as the Health Insurance Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR), and similar laws and regulations. Medical IoT Security makes it easier for customers in the US, Germany, Singapore, Japan, and Australia to adopt IoT Security with local cloud hosting. The regional Medical IoT Security service availability ensures that local data residency and localization needs, such as those under GDPR, are met.
  • Operational insights: Automatically tracks operational insights such as the medical device operating hours, scan insights, patient experience, average use, vendor remote maintenance activity, side-by-side comparisons of medical devices, and many more. The feature gives biomedical and clinical engineering teams visibility into how, when, and where medical devices on their network are being used, allowing teams to optimize resource allocation, improve patient care, make capital planning decisions and plan preventive maintenance to minimize patient care disruptions. 
  • Best user experience: Two distinct dashboards allow IT and biomedical engineering teams to each see the information critical to their roles. Integration with existing healthcare information management systems, like AIMS and Epic Systems, helps automate workflows.


Feel free to share your questions, comments, and feedback in the section below.

Thank you for taking the time to read this blog.


Stay secure!
