CISA’s ICS Medical Advisory On CT Scanners & Cybersecurity – CEO Perspective

CISA’s ICS Medical Advisory (ICSMA-21-084-01) on the Philips Gemini PET/CT Family notes that sensitive patient information is stored in removable media without access control, presenting cybersecurity vulnerabilities. In response, an expert offers perspective on medical device cybersecurity.

Experts Comments

March 29, 2021
Matias Katz
CEO
Byos

Removable storage without proper access control is yet another example of the increasing number of vulnerabilities found in medical devices. These vulnerabilities highlight the need to rethink how we secure medical devices using zero trust principles. Healthcare Delivery Organizations rely on OEMs and 3rd party integrators to manage, patch, update, monitor and troubleshoot these medical devices inside of their networks - but they don't trust them. Security through endpoint micro-segmentation

.....Read More

Removable storage without proper access control is yet another example of the increasing number of vulnerabilities found in medical devices. These vulnerabilities highlight the need to rethink how we secure medical devices using zero trust principles. Healthcare Delivery Organizations rely on OEMs and 3rd party integrators to manage, patch, update, monitor and troubleshoot these medical devices inside of their networks - but they don't trust them. Security through endpoint micro-segmentation gives network owners the ability to isolate and manage medical devices without establishing implicit trust or configuring the network to allow external access. Granular control and visibility of sprawling medical device inventories will help HDOs move toward a more preventative approach to securing their networks.

  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.