Palo Alto Networks launched an IoT security product for health care that uses machine learning and crowd-sourced telemetry to profile medical devices on the network, find vulnerabilities, and block threats.

As hospitals and medical facilities use more network-connected devices, they also increase their security risks. According to a recent report from Unit 42, Palo Alto Networks’ threat intelligence team, 83% of medical imaging devices run on unsupported operating systems, which makes them potential avenues for attackers.

Attacks on medical devices can disrupt patient care and allow attackers to steal patient data, and we’ve seen these types of attacks skyrocket as hackers target health care organizations already hit hard by the COVID-19 pandemic.

Palo Alto Networks’ technology addresses these security risks by first profiling devices on the network and then pushing machine-learning-powered policy recommendations to the devices. It also offers intrusion prevention to block exploits, sandboxing to detect and prevent IoT malware, and URL and DNS security to stop IoT attacks via the web.

The product, which is available now, gives biomedical and clinical engineering teams visibility into how, when, and where medical devices on their network are being used. This helps health care organizations to optimize resource allocation, improve patient care, make capital planning decisions, and reduce maintenance costs, the vendor says.

Palo Alto Networks’ IoT security uses Manufacturer Disclosure Statement for Medical Device Security (MDS2) data for vulnerability analysis and anomaly detection as well as to recommend security policies. MDS2 is a standardized form that manufacturers fill out to provide information about their devices’ security, and many hospitals require this documentation to ensure that their medical device pass muster with their security and privacy requirements.

The product also uses medical-specific protocols, which feed into Palo Alto Network’s App-ID for expanded discovery and security for medical IoT devices and health-care applications. App-ID is Palo Alto Network’s traffic classification system in its firewalls that determines what an application is.

Valley Health System increased its device visibility with Palo Alto Network’s IoT security, said Miroslav Belote, chief information security officer for the health care system in New York and New Jersey. “We gained complete visibility to over 4,000 non-traditional IT devices, about 30% more devices than what we had prior,” he said in a statement. “We now plan to extend our inventory, vulnerability detection, and prevention process and practice as an integral part of our ongoing efforts to protect our IT and IoT assets.”

GE Healthcare also uses Palo Alto Networks’ IoT security in its medical device cybersecurity managed services. The company provides managed device monitoring, vulnerability management, and remediation to hospitals, and it partnered with Palo Alto Networks because its technology supports medical equipment in addition to other devices, GE Healthcare CISO Matt Silva said.