DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Palo Alto Networks Announces Medical IoT Security to Protect Connected Devices Critical to Patient Care

Palo Alto Networks | December 05, 2022 | Read time : 03:50 min

Palo Alto Networks Announces Medical IoT Security
As healthcare providers use digital devices such as diagnostic and monitoring systems, ambulance equipment, and surgical robots to improve patient care, the security of those devices is as important as their primary function. Today, Palo Alto Networks (NASDAQ: PANW) announced Medical IoT Security — the most comprehensive Zero Trust security solution for medical devices — enabling healthcare organizations to deploy and manage new connected technologies quickly and securely. Zero Trust is a strategic approach to cybersecurity that secures an organization by eliminating implicit trust by continuously verifying every user and device.

"The proliferation of connected medical devices in the healthcare industry brings a wealth of benefits, but these devices are often not well secured. For example, according to Unit 42, an alarming 75% of smart infusion pumps examined on the networks of hospitals and healthcare organizations had known security gaps. "This makes security devices an attractive target for cyberattackers, potentially exposing patient data and ultimately putting patients at risk."

Anand Oswal, senior vice president of products, network security at Palo Alto Networks

While a Zero Trust approach is critical to help protect medical devices against today's innovative cyberthreats, it can be hard to implement in practice. Through automated device discovery, contextual segmentation, least privilege policy recommendations and one-click enforcement of policies, Palo Alto Networks Medical IoT Security delivers a Zero Trust approach in a seamless, simplified manner. Medical IoT Security also provides best-in-class threat protection through seamless integration with Palo Alto Networks cloud-delivered security services, such as Advanced Threat Prevention and Advanced URL Filtering.

The new Palo Alto Networks Medical IoT Security uses machine learning (ML) to enable healthcare organizations to:

  • Create device rules with automated security responses: Easily create rules that monitor devices for behavioral anomalies and automatically trigger appropriate responses. For example, if a medical device that typically only sends small amounts of data unexpectedly begins to use a lot of bandwidth, the device can be cut off from the internet and security teams can be alerted.
  • Automate Zero Trust policy recommendations and enforcement: Enforce recommended least-privileged access policies for medical devices with one click using Palo Alto Networks Next-Generation Firewalls or supported network enforcement technologies. This eliminates error-prone and time-consuming manual policy creation and scales easily across a set of devices with the same profile.
  • Understand device vulnerabilities and risk posture: Access each medical device's Software Bill of Materials (SBOM) and map them to Common Vulnerability Exposures (CVEs). This mapping helps identify the software libraries used on medical devices and any associated vulnerabilities. Get immediate insights into the risk posture of each device, including end-of-life status, recall notification, default password alert and unauthorized external website communication.
  • Improve compliance: Easily understand medical device vulnerabilities, patch status and security settings, and then get recommendations to bring devices into compliance with rules and guidelines, such as the Health Insurance Portability Accountability Act (HIPAA), General Data Protection Regulation (GDPR), and similar laws and regulations.
  • Verify network segmentation: Visualize the entire map of connected devices and ensure each device is placed in its designated network segment. Proper network segmentation can ensure a device only communicates with authorized systems.
  • Simplify operations: Two distinct dashboards allow IT and biomedical engineering teams to each see the information critical to their roles. Integration with existing healthcare information management systems, like AIMS and Epic Systems, helps automate workflows.

Healthcare organizations are using Palo Alto Networks products to secure the devices that deliver cutting-edge care to millions of patients all over the world.

"Establishing and maintaining acute situational awareness of the Internet of Medical Things (IoMT) environment is paramount to establishing an effective enterprise cybersecurity program. The ability to accurately detect, identify and respond to cyber threats is critical to ensuring minimal operational impact to clinical operations during a cyber event," said Tony Lakin, CISO, Moffitt Cancer Center. "Palo Alto Networks IoT capability seamlessly integrates with our continuous monitoring processes and threat-hunting operations. The platform consistently provides my teams with actionable information to allow them to proactively manage the threat surface of our medical device portfolio."

"With thousands of devices to manage, healthcare environments are extremely complex and require intelligent security solutions capable of doing more. Palo Alto Networks understands this requirement and is leveraging machine learning (ML) for Medical IoT security. Adding intelligence will enable providers to improve operational efficiency, which will enhance patient and practitioner experience and alleviate the burden of an ongoing IT skills shortage," said Bob Laliberte, principal analyst, ESG.

"Healthcare providers continue to be high-value targets for attackers. This reality, combined with the diversity of medical IoT devices and their inherent vulnerabilities, points to a real need for device security that is purpose-built for healthcare use cases. The ability to defend against threats targeting critical care devices while maintaining operational availability and strengthening the alignment of device governance responsibilities between IT and Biomed engineering teams is quickly becoming a necessity for the protection of patient data and lives," said Ed Lee, research director, IoT and Intelligent Edge Security, IDC.

About Palo Alto Networks
Palo Alto Networks is the world's cybersecurity leader. We innovate to outpace cyberthreats, so organizations can embrace technology with confidence. We provide next-gen cybersecurity to thousands of customers globally, across all sectors. Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation. Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we're committed to helping ensure each day is safer than the one before. It's what makes us the cybersecurity partner of choice.

Spotlight

An SAP S/4HANA transformation is not only a technical upgrade, but an economic imperative. In a recent study, the majority of international IT experts name “business innovation” and “process optimization” as the primary reasons to migrate to SAP S/4HANA. Still, only 12% of companies surveyed have completed this transformation –


Other News
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Balbix Announces Cybersecurity Posture Automation Support for Google Cloud Platform

Balbix | November 17, 2022

Balbix, provider of the world's leading platform for cybersecurity posture automation, announced today the general availability of support for Google Cloud Platform (GCP). Security teams can now use Balbix to easily quantify, prioritize and mitigate risks in their Google Cloud environments. With this announcement, Balbix has also extended its Cyber Asset Attack Surface Management (CAASM) solution to support multi-cloud environments that span both GCP and Amazon Web Services. The rapid move to the cloud has made IT environments more complex to manage and secure. As a result, security teams struggle to get a consolidated view of risk. Yet, 63 percent of organizations say they look at security posture in the cloud separately from on-premises, according to Cybersecurity Insiders' 2002 State of Security Posture Report. "Our customers' environments can include over 1 million assets, spread across multiple clouds and their own facilities. Managing an attack surface this large is no longer a human-scale problem. "With Balbix's new support for GCP, our customers can use automation to manage cybersecurity posture across more of their environment." Gaurav Banga, Founder and CEO of Balbix Cyber Security Posture Automation for Google Cloud Platform Balbix now provides support for popular Google Cloud services, including Compute Engine, Cloud Storage, Cloud SQL, Google Kubernetes Engine (GKE) Cluster & Deployments, Cloud Functions, Cloud Key Management Service (KMS), Pub/Sub and Secret Manager. As a result, Balbix customers with Google Cloud environments can use automation and advanced analytics to: Get comprehensive, near real-time visibility of their Google Cloud assets. Combine data from Google Cloud with their other IT and security tools to gain security and business context for their assets. Discover misconfigurations – the most exploited attack vector for the cloud – as well as unpatched software vulnerabilities, weak credentials and trust issues. Measure risk in terms of breach likelihood and business impact in order to prioritize remediation. Calculate and report on cyber risk quantified in dollars (or other currencies) instead of risk scores Cyber Asset Attack Surface Management for Multi-Cloud Environments The addition of support for GCP extends Balbix's CAASM solution to multi-cloud environments. Security practitioners no longer need to use multiple tools or combine data manually from these tools in a custom spreadsheet to understand their security posture. They can see the relationships between assets, applications and users no matter where the assets are in the cloud or on-premises. They can also identify any gaps in coverage for security controls. Balbix provides more than just visibility. Unlike other vendors, Balbix combines CAASM with Risk-Based Vulnerability Management (RBVM) and Cyber Risk Qualification (CRQ) solutions so security teams are able to immediately take action to reduce their cyber risk. They can continuously identify, prioritize and mitigate security issues as they emerge, while quantifying and tracking residual cyber risk in dollars. Daily cybersecurity decisions – operational as well as executive – can be made using a unified and up-to-date view of cyber risk. "By adding support for Google Cloud, Balbix has broadened its risk model to be inclusive of multiple public cloud platforms and allowed organizations to better measure their overall cyber risk," said Ed Amoroso, Founder and CEO of research and advisory firm TAG Cyber. "Customers can leverage this unified risk model to quantify cyber risk by business unit, geography, site, asset type or business owner – and quickly remediate those risks." The API-based Balbix Connector for Google Cloud Platform collects asset inventory and misconfiguration data and is available now. Visibility into other types of vulnerabilities is provided by optional Balbix sensors. These sensors also catalog the software bill of materials (SBOM) of applications running in GCP. Data collected by Balbix connectors and sensors is automatically deduplicated, correlated and inferenced to provide security teams with an accurate and unified view of risk. About Balbix Balbix enables businesses to reduce cyber risk by identifying and mitigating their riskiest cybersecurity issues faster. Our SaaS platform, the Balbix Security Cloud™, ingests data from businesses' security and IT tools so they can understand every aspect of their cybersecurity posture, build a unified cyber risk model and obtain actionable insights for risk reduction. With Balbix, businesses can automate inventory of their cloud and on-premise assets, conduct continuous risk-based vulnerability management and quantify cyber risk in dollars. Executives and operational teams can make cybersecurity decisions based on data not opinions.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Sentra Joins Cloud Security Alliance

Sentra | November 04, 2022

Sentra, a cloud data security company, today formally announced that it has joined the Cloud Security Alliance (CSA), the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. Backed by Bessemer Venture Partners and Zeev Ventures, Sentra enables security teams to gain full visibility and control of cloud data, as well as protect against sensitive data breaches across the entire public cloud stack. The company was recently recognized by Gartner® as a Sample Vendor for Data Security Posture Management in the Hype Cycle™ report for Data Security 2022.1 "As enterprise cloud adoption has accelerated across industries over the past two years, data security has become an inevitable challenge for all organizations –– Sentra's platform takes the guesswork out of what data needs to be protected. "We look forward to collaborating with CSA's extensive network of industry peers to create a secure cloud environment for all organizations. With Sentra's new North American headquarters in New York City, we're eager to align our product mission and security expertise with CSA's initiatives as we expand our global customer base." Yoav Regev, co-founder and CEO of Sentra "We're excited to welcome Sentra as a member of CSA," said Jim Reavis, co-founder and CEO of the Cloud Security Alliance. "Sentra's visibility-driven data security platform and its founders' decades of cyber security experience are an asset to our organization. We look forward to collaborating with Sentra to increase awareness of the importance of data protection in the cloud." GARTNER and HYPE CYCLE are registered trademarks and service marks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. About Sentra Sentra is a cloud data security platform that helps organizations discover and remediate the top data security risks in their public cloud. Sentra automatically detects if sensitive data is vulnerable due to misconfigurations, over-permissions, unauthorized access, data duplication or other security issues. The company was founded in 2021 in Tel Aviv, Israel, and has raised $23 million in seed funding to date. The company is now co-headquartered in New York City and Tel Aviv. About the Cloud Security Alliance The Cloud Security Alliance (CSA) is the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events and products. CSA's activities, knowledge and extensive network benefit the entire community impacted by cloud — from providers and customers, to governments, entrepreneurs and the assurance industry — and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Safe Security Launches First Cybersecurity MGA to Underwrite Cyber Insurance Based on Continuous “Inside-Out” Cyber Risk Telemetry

Safe Security | December 19, 2022

Safe Security Inc., global leader in cyber risk quantification and management (CRQM), today launched SafeInside Insurance, the first cybersecurity Managing General Agent (MGA) leveraging API-based cyber risk telemetry and quantified insights to underwrite cyber insurance. Backed by an AM Best “A-rated” carrier and panel of prominent, global reinsurance partners, SafeInside is introducing dynamic insurance policies for companies hosted in one or a combination of the leading public cloud service providers and leading SaaS solutions. For example, Amazon Web Services, Microsoft Azure and Microsoft Office 365, Google Cloud Platform and Google Workspace, Salesforce, and Zoom. “Safe Security is thrilled to become the world’s first MGA for cyber insurance using actual cyber telemetry for underwriting. Our vision is to establish a new, de-facto industry standard for how cyber insurance is underwritten, and to provide more transparency between the investment in cybersecurity and cyber insurance. “We are paving the way for a sustainable, profitable cyber insurance ecosystem based on trust and certainty for all stakeholders. Safe Security looks forward to helping insurance buyers get the right cyber insurance policy at the right price for their organization’s specific requirements, as well as assisting brokers and underwriters make more informed decisions and dynamically adjust their portfolios.” Saket Modi, co-founder and CEO, Safe Security The underwriting process through SafeInside takes less than 20 minutes to assess an organization. All insureds also receive access to the SAFE CRQM platform, winner of the 2022 CISO Choice Award for Risk Management, which simultaneously accumulates signals using APIs from existing cybersecurity products, external threat intelligence, and business context to provide unprecedented visibility into possible areas of cyber exposure, and the exact financial risk associated with those cyber exposures. With an objective of improving underwriting standards across the industry, Safe Security will also provide access to its cyber risk quantification platform to other carriers and reinsurers. Safe Security recently announced a partnership with Mosaic Insurance to offer real-time cyber risk evaluation. “Safe Security’s inside-out approach is differentiated from existing market offerings by focusing on the most common techniques used by attackers and examining how attackers think and behave, not how internal IT teams think they behave,” added Steven Schwartz, VP of Insurance Strategy and Underwriting, Safe Security. “This approach removes subjectivity, allowing companies to answer questions about their security controls with precision instead of guess work, at all times. We are working with the entire insurance ecosystem to improve the standards of cyber underwriting.” About Safe Security Safe Security Inc. is a leader in cyber risk quantification and management (CRQM), with a mission to build a safer digital future. Safe Security’s CRQM platform – SAFE – enables organizations to manage cyber risks in real-time. Its platform automatically collects signals from inside and outside a company’s environment to give the company-specific cyber risk rating, or SAFE Score, the financial impact of a potential breach, and an action plan. This enables organizations to have a common language across teams - from the board all the way down to an analyst - to align with a consistent risk metric. Other benefits include justifying investments in cybersecurity and purchase of cyber insurance for the organization.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Malwarebytes and Stellar Cyber Partner to Investigate and Mitigate Cyber Threats

Malwarebytes | November 28, 2022

Malwarebytes, a global leader in real-time cyber protection, today announced a new partnership with Stellar Cyber, an industry-leading Open XDR platform that delivers comprehensive, unified security without complexity. The partnership helps resource-constrained teams produce consistent security outcomes across all environments; on-premises, cloud and anything in between. The partnership comes at a critical time in the cybersecurity landscape, as security products become more complex and IT teams spend more time maintaining their security controls, instead of investigating and mitigating cyber threats. According to a 2020 report from Palo Alto Networks, only 46 percent of security operations decision makers are satisfied with their current ability to detect threats. "They point to wasted time chasing false leads, poorly integrated security tools, and a large learning curve for effectively using those tools," according to the report. "Every security team should be able to deliver continuous, consistent security regardless of their skills or experience. "By tightly integrating Malwarebytes' cutting-edge EDR technology with the Stellar Cyber Open XDR platform, IT teams are able to close the gaps between security controls that attackers exploit." Andrew Homer, Vice-President of Technology Alliances at Stellar Cyber The integration pairs Malwarebytes' EDR solution–which collects detailed threat information for analysis and investigation–with the Stellar Cyber Open XDR Platform that ingests, normalizes, and enriches security data, including endpoints, network, cloud and logs into a single repository. Malwarebytes EDR collects critical endpoint and server data and sends it to Stellar Cyber, which analyzes the data to identify potential threats. As security analysts complete investigation in Stellar Cyber, response actions are sent to Malwarebytes to eliminate the threat. "Today's IT and security teams spend more time sifting through data than eliminating actual threats. Organizations need real-time data sharing and visibility to enable decisive actions before attackers are successful," said Brian Thomas, Malwarebytes Vice President of Worldwide MSP and Channel programs. "Stellar Cyber shares our mission to simplify cybersecurity for resource-constrained organizations. Together we uniquely deliver an intelligent and automated solution that allows security teams to be more efficient, and organizations more productive and protected." About Stellar Cyber Stellar Cyber Open XDR platform delivers comprehensive, unified security without complexity, empowering lean security teams of any skill to successfully secure their environments. With Stellar Cyber, organizations reduce risk with early and precise identification and remediation of threats while slashing costs, retaining investments in existing tools, and improving analyst productivity, delivering an 8X improvement in MTTD and a 20X improvement in MTTR. The company is based in Silicon Valley. About Malwarebytes Malwarebytes believes that when people and organizations are free from threats, they are free to thrive. Founded in 2008, Malwarebytes CEO Marcin Kleczynski had one mission: to rid the world of malware. Today, that mission has expanded to provide cyberprotection for every one. Malwarebytes provides consumers and organizations with device protection, privacy, and prevention through effective, intuitive, and inclusive solutions in the home, on-the-go, at work, or on campus.

Read More

Spotlight

An SAP S/4HANA transformation is not only a technical upgrade, but an economic imperative. In a recent study, the majority of international IT experts name “business innovation” and “process optimization” as the primary reasons to migrate to SAP S/4HANA. Still, only 12% of companies surveyed have completed this transformation –

Resources