Cybersecurity detection and recovery services

Philips Cybersecurity detection
and recovery services


Proactive monitoring of medical equipment for proper
security configuration and correcting known vulnerabilities

    Technologies are employed to identify medical assets, monitor their security posture and, when necessary, remediate recognised issues


    Philips Cybersecurity detection and recovery services are designed to proactively monitor and update your medical equipment security controls to mitigate vulnerabilities and reduce risk. Our teams support you in medical device security management by providing a comprehensive and consistent oversight of your systems’ security posture and the means by which to identify, prioritise and remedy non-compliance.

    Often equipment with assumed security protections are not configured appropriately and can weaken the security posture. Philips identifies incidents with specific healthcare context, to avoid data overload, and then closes the loop with remediation efforts, allowing you to resume operations as soon as possible. This removes the burden of assigning in-house resources to address what is a very complex issue.

    Benefits of detection and recovery

    Secure and maintain in one service

    Mitigate potential vulnerabilities

    Gain insight into fleet security status

    Solve event-driven incidents

    Reduce cybersecurity risks

    Maintain optimum uptime

    Philips Cybersecurity detection and recovery services are broken down into three distinct elements:

    Philips Medical Device Monitoring
    Philips Medical Device Monitoring
    Philips Incident Response
    Philips Incident Response
    Philips Incident Remediation
    Philips Incident Remediation

    As with all elements in our portfolio of cybersecurity services, you may select the options that best suit your requirements.

    Constant vigilance
    Philips Cybersecurity Medical Device Monitoring


    Philips Proactive security monitoring identifies security issues around antivirus, whitelisting, firewall, and OS patch level statuses for your connected medical equipment. Potential weaknesses are assessed and alerts are created on cybersecurity vulnerabilities. Recommendations for actionable alerts are provided and response and recovery efforts are triggered.
    A device must be as protected as it possibly can be. Proactive monitoring checks to see if a device is up-to-date and configured correctly by focusing on three critical areas:

    Case creation

    Customer installed-based systems are set up for proactive security monitoring

    Proactive monitoring

    Devices and systems are continuously monitored, issues identified, and action taken
    Status of the operating system –
    Most cyberattacks happen due to a weakness in the operating system (i.e., MS BlueKeep access). Proactive monitoring checks the OS and flags those systems which require updates.
    Status of the antivirus protection –
    Antivirus software and definitions must be up-to-date to protect against the newest threats. This end point protection is critical to ensure proper whitelisting (explicit granting of access to applications).
    Status of the firewall(s)  –
    Firewalls must be turned on and configured correctly to safeguard their intended devices and systems.

    Rapid reaction
    Philips Cybersecurity Incident Response

    Briefcase icon

    Case creation

    Indication of a possible incident/event is received via the security monitoring system (or directly from the customer) and handled by the PSIRT (Product Security Incident Response Team). If the alert meets the criteria for an actionable response, it is logged into the system and a case is created.
    Calendar icon

    Incident assessment & planning

    PSIRT further assesses the incident and notifies the appropriate product security officer to be sure they are available to provide guidance to the remote service engineer/field service engineer should technical support be needed during the remediation process. A plan for the management of the incident is created.
    Tools icon

    Immediate handling

    Some incidents require quick response and are handled within the hour. Others are prioritised based on severity and customer contract requirements. Every incident is investigated, resolved and closed as soon as possible.
    Throughout the incident response process, your in-house Security Officer and BioMed lead(s) are kept notified of the progress. In addition, you have access to our online complaint system to follow each incident response step. The goal is to get the medical device back to proper operating mode ASAP.
    1
    Select your area of interest
    2
    Contact details

    We are always interested in engaging with you.

    Let us know how we can help.

    1
    2
    Contact details

    Our site can best be viewed with the latest version of Microsoft Edge, Google Chrome or Firefox.