Armis, the unified asset visibility and security platform provider, today announced Oscar Miranda as its new Chief Technology Officer (CTO) for Healthcare. His appointment, the company says, further reinforces Armis’ strategic commitment to securing the healthcare sector, particularly when it comes to identifying and providing mitigation steps for vulnerabilities associated with connected devices within the healthcare ecosystem.
According to a recently published article by Fortified Health Security (Fortified), a strategic partner of Armis, more than 22 million people have been affected by healthcare data breaches in 2021 so far — a jump of about 185% from the same period last year. Therefore, visibility and detection of vulnerabilities within the healthcare devices ecosystem is a must.
In fact, Armis recently identified a set of nine critical vulnerabilities in the leading solution for pneumatic tube systems (PTS) in North America – the Translogic PTS system by Swisslog Healthcare. In his new role, Oscar will collaborate with the Armis research team to continue to identify vulnerabilities associated with connected devices used to deliver essential health services within a hospital setting. He will also partner with affected device manufacturers to establish both mitigation and remediation steps.
Most hospital networks have not implemented and operationalised network segmentation between clinical and non-clinical devices, thus exposing security control gaps that allows a Cyber Threat Actor (CTA) the opportunity to compromise a vulnerable device and pivot to laterally move within an organisation undetected.
Oscar is an information security thought leader with 25 years of experience, of which 18 years were spent in healthcare implementing controls for securing and protecting the privacy of electronic health information. At Armis, he will evaluate all strategic partnerships to ensure healthcare customer needs are met and will report to Nadir Izrael, co-founder and Global CTO at Armis.
“The recent identification, by our research team, of the vulnerabilities within the pneumatic tube systems is validation that in order to effectively identify risk within a hospital setting you MUST have visibility to all devices that support the medical workflow used to deliver essential health services,” said Oscar Miranda, CTO of Healthcare at Armis. “I welcome the opportunity to support the teams within Armis to further expand and enhance current capabilities to identify and detect vulnerabilities for both clinical and nonclinical devices to assist our customers in taking a risk-based approach for managing cyber risk to ensure patient safety… first, do no harm.”
Implementing a successful medical device security strategy requires a multi-faceted approach that takes into account the entire healthcare device ecosystem in addition to connected medical devices. Mapping this data to clinical workflows and creating a holistic visual of prioritized risk transforms security operations and allows information security strategy to be aligned with resilience and continuity of operations.
