Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Cloud

12/1/2020
11:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Philips Expands Its Healthcare Customer Services Portfolio with Integrated Cybersecurity Services

Philips partners with CyberMDX, a leader in connected medical device security, to provide vendor-neutral solutions to protect connected medical systems and devices

November 30, 2020

Amsterdam, the Netherlands – Royal Philips (NYSE: PHG, AEX: PHIA), a global leader in health technology, today announced the introduction of the Philips Cybersecurity Services for seamlessly integrating and enhancing strategic security solutions for Philips customers. The Philips Cybersecurity Services comprise an end-to-end suite of technologies and services to safeguard customers’ medical systems, devices and related software solutions regardless of their manufacturer, helping empower digital transformation in healthcare.

Created as a platform for partnership with healthcare customers, the Cybersecurity Services help define and implement strategic and tactical software and device protection. The Cybersecurity Services are designed to be customized and optimized for present and emerging individual customer needs for their healthcare environments. As requirements evolve, the Cybersecurity Services will provide guidance on how to adapt to provide optimum protection and support. The services will initially be deployed in the U.S., with expansion to other geographies planned for 2021.

Philips’ integrated Cybersecurity Services are supported by a new partnership with CyberMDX, a leading provider of healthcare cybersecurity capabilities for hospital digital environment mapping and evaluation, medical device risk assessment, security prioritization, threat detection and intelligence, intrusion prevention, and related support. Data and insights collected through CyberMDX form a core foundation for development and implementation of a full cybersecurity plan for individual customers.

“Successfully preventing cyber-threats and future-proofing digital healthcare environments requires a systemic, disciplined approach in both design and implementation, as well as strong partnerships,” said Conrad Smits, Head of Global Services and Solutions at Philips. “We are pleased to partner with CyberMDX, and through our complementary tools and expertise, we will be able to provide an integrated cybersecurity service offering for our customers.”

“Both CyberMDX and Philips strive to make healthcare a safer place by continuously building out more robust cybersecurity solutions,” said Amir Magner, Co-founder and CEO of CyberMDX. “Our industry leading multi-vendor Healthcare Security Suite works to protect all connected devices in hospital environments, whether managed or unmanaged, by leveraging a combination of risk assessment, detection, threat intelligence and prevention capabilities.”

“The digitization of healthcare presents both opportunities and threats,” said Gal Gnainsky, Head of Security at Philips. “Connectivity plays a transformational role in healthcare, but potentially exposes patients and organizations to safety and security risks. Assuring the integrity of these devices, systems, and associated data requires a cohesive cybersecurity program based on comprehensive risk assessment and robust implementation.”

The Philips Cybersecurity Services comprise:

Cybersecurity Consulting – Security experts provide risk and vulnerability assessments of medical systems, regulatory compliance support, and guidance for seamlessly integrating security response and recovery across suppliers.

Cybersecurity Protection and Upgrade Services – Technology and service offerings work to keep systems secure through software upgrades to the latest security standards, medically validated OS patching, and network segmentation. Philips navigates the balance between required security protections, minimizing downtime, as well as maximizing the lifetime usage of systems and devices.

Cybersecurity Detection and Recovery Services – Identifying and monitoring the security posture of medical assets and systems 24/7. When needed, these services trigger response and recovery workflows. The services identify incidents with a focus on a healthcare context to avoid data overload, and then initiates remediation actions enabling operations to resume as soon as possible.

Cybersecurity Access & Audit Services – Access and audit services help maintain control over employee and vendor system access, and allow for streamlined/compliant auditing of procedures and data. This provides essential insights into a hospital’s security profile – indicating strengths and potential vulnerabilities.

Philips’ cybersecurity approach is defined by its end-to-end “Security by Design” principles, infusing security from product design and development, through testing and deployment – followed up with robust policies and procedures for monitoring, effective updates, and incident response management. Philips has also contributed to the development of national and international cybersecurity standards for medical devices. The Philips Cybersecurity Services aligns with global cybersecurity best practices and internationally recognized standards.

Visit Philips Live at RSNA 2020 for more information on Philips integrated workflow solutions to connect data, technology and people across the diagnostic enterprise, helping to redefine radiology workflow efficiencies.

Philips’ triple duty of care
The COVID-19 pandemic continues to highlight how interconnected the world’s social, economic and environmental challenges are. Philips remains fully focused on delivering against its triple duty of care: meeting critical customer needs, safeguarding the health and safety of its employees, and ensuring business continuity. As a purpose-driven health technology company, Philips is applying its innovation strength to improve the health and well-being of people. The company is deeply committed to doing business responsibly and sustainably, recently setting out a range of challenging new environmental, social and governance targets.

For further information, please contact:

Mario Fante
Philips Global Press Office
Tel.: +1 603 560 9226
E-mail: [email protected]

Steve Klink
Philips Global Press Office
Tel. : +31 6 10888824
E-mail : [email protected]

About Royal Philips
Royal Philips (NYSE: PHG, AEX: PHIA) is a leading health technology company focused on improving people's health and well-being, and enabling better outcomes across the health continuum – from healthy living and prevention, to diagnosis, treatment and home care. Philips leverages advanced technology and deep clinical and consumer insights to deliver integrated solutions. Headquartered in the Netherlands, the company is a leader in diagnostic imaging, image-guided therapy, patient monitoring and health informatics, as well as in consumer health and home care. Philips generated 2019 sales of EUR 19.5 billion and employs approximately 81,000 employees with sales and services in more than 100 countries. News about Philips can be found at www.philips.com/newscenter.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: I can't find the back door.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21275
PUBLISHED: 2021-01-25
The MediaWiki "Report" extension has a Cross-Site Request Forgery (CSRF) vulnerability. Before fixed version, there was no protection against CSRF checks on Special:Report, so requests to report a revision could be forged. The problem has been fixed in commit f828dc6 by making use of Medi...
CVE-2021-21272
PUBLISHED: 2021-01-25
ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before version 0.9.0, there is a "zip-slip" vulnerability. The directory support feature allows the ...
CVE-2021-23901
PUBLISHED: 2021-01-25
An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's processing of XML ...
CVE-2020-17532
PUBLISHED: 2021-01-25
When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution. The problem happens in versions between 2.0.0 ~ 2.1.3 and fixed in Apache ServiceComb-Java-Chassis 2.1.5
CVE-2020-12512
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting