Why is vendor vetting so important for healthcare cybersecurity?

Third-party vendors often have privileged access to healthcare networks and systems, making them attractive entry points for attackers. Insufficient vetting can allow compromised or vulnerable software to introduce risks directly into critical infrastructure. Rigorous vendor assessments help organizations understand and manage this supply chain exposure.

What is software segmentation and how does it help healthcare organizations?

Software segmentation involves isolating critical systems and applications from one another and from less-trusted parts of the network. This limits the ability of an attacker to move laterally after an initial breach, containing potential damage. For healthcare, this is especially critical given the sensitivity of patient data and the life-safety implications of clinical systems.

What steps can healthcare organizations take to improve cyber hygiene?

Organizations should establish clear policies for onboarding and monitoring third-party vendors, conduct regular network audits, and enforce segmentation of critical systems. Staff training, timely patching, and continuous monitoring of network traffic are also essential components. Building a culture of security awareness throughout the organization and its supply chain strengthens overall resilience.

‹ Back to Industries

Energy

Healthcare Orgs, Take Control of Your Network! Level Up Cyber Hygiene with Diligent Vendor Vetting and Software Segmentation

Healthcare organizations face growing cybersecurity risks from third-party software vendors and poorly segmented networks. Diligent vendor vetting and software segmentation are essential strategies to limit breach exposure and protect critical systems. Proactive cyber hygiene practices at the supply chain level are key to reducing attack surfaces.

This story was produced through MarketScale. See how Energy teams put it to work with Customer Stories & Case Studies.

Promoted content from Experts Talk on MarketScale.

By Robin Berthier, Ph.D. · April 26, 2024, 1:48 PM UTCCybersecurity in HealthcareMedtech DevicesNetwork PerceptionRobin Berthier

Key takeaways

Healthcare organizations must rigorously vet third-party and vendor software before deployment to reduce supply chain risk.

Network segmentation of critical systems limits the lateral movement of attackers in the event of a breach.

Consistent cyber hygiene practices across the organization and its vendors are foundational to healthcare cybersecurity.

The digital transformation of healthcare organizations has significantly increased reliance on software and medtech devices, weaving a complex web of interdependencies in their supply chains. This shift raises critical vulnerabilities as highlighted by infamous incidents like the SolarWinds breach, underscoring the urgency for enhanced cyber hygiene practices. With recent executive orders pushing for better security protocols, healthcare organizations are under pressure to fortify their supply chains against escalating cyber threats.

What strategies can healthcare organizations employ to effectively manage the cyber hygiene of their healthcare supply chain, including software and medtech devices?

Robin Berthier, CEO and founder of Network Perception, advocates for rigorous cyber hygiene practices within healthcare supply chains on a recent episode of Expert's Talk. He emphasizes the necessity of standard vendor questionnaires and robust security protocols and underscores the importance of continuous vendor risk assessments and software segmentation to effectively mitigate potential cyber threats, drawing lessons from major breaches like SolarWinds.

Continuous vendor risk assessments and software segmentation effectively mitigate potential cyber threats.

Key takeaways:

Develop Standard Questionnaires for Vendors: Establishing standard questionnaires for all vendors can help assess the risks introduced by third parties and ensure they adhere to secure coding best practices.
Vet Vendor Security Practices: It's crucial to scrutinize the security practices surrounding the build environments of vendors to prevent incidents similar to the SolarWinds breach, where malware was inserted directly into the source code.
Implement Software Segmentation: By applying segmentation to software, organizations can contain potential breaches within manageable risk levels, thereby minimizing widespread impact.
Regular Patching and Updates: Ensuring that all software and devices within the supply chain are regularly updated and patched can significantly reduce vulnerabilities.
Continuous Risk Assessment: Continual evaluation of the risks posed by vendors and their products is essential to adapting and strengthening cybersecurity measures over time.

Video TranscriptExpand ↓

Yeah. The risk of supply chain has been really a major point of discussion that pushed by the executive order a couple of years back from the White House. It's really the practical advice there is to adopt an approach where you develop a standard questionnaire for all your vendors that will help you assess the risk that you're introducing and what type of secure coding best practices they are doing, how they are securing their build environment. Like, we all have in, you know, the the memories of, SolarWind, being being breached, like, attackers being able to introduce malware directly inside the source code of a major IT platform. And then once we're in the build environment, every customer is patching their Soloway instance will get infected. And so we have eighteen thousand organizations infected in just a few weeks. So really vetting the risk that you're bringing with those, solution providers and then also applying those concepts of segmentation to, to your software, to, to the software you're introducing to make sure that if something goes bad, then it's contained into, into the proper risk level.

Part of this channel

Experts Talk

Industry experts debate the ideas that drive B2B decisions.

Visit the channel →

About the author

Robin Berthier, Ph.D.

Turn this into your own content

Create a free MarketScale workspace and publish your own experts. No credit card, no demo required.

Book a demo Start free

MarketScale platform

Want to launch your own podcast or show?

MarketScale gives B2B companies a full content studio: record, produce, and distribute your own channel. No agency, no crew, no guessing.

See how it works →

Keep exploring

Customer Stories & Case Studies
Document deployments as proof.
State of B2B Video Editing
Benchmarks for editing at scale.

energy Events

Brazil Windpower 2026

Sep 12, 2026 · Rio de Janeiro, RJ

RE+ 2026

Sep 14, 2026 · Las Vegas, NV

Renewable Energy India Expo 2026

Sep 20, 2026 · Greater Noida, Uttar Pradesh

See all energy events ›

Follow Energy Insights

Get new expert content in your inbox.

Become an Industry Voice

Share your expertise with 1,250+ B2B brands on MarketScale.

Apply to participate

New to MarketScale?

MarketScale is the platform Energy companies use to turn their own experts into content like this. Want the short overview?

Request info →Book a demo

Free workspace

You just read one expert. Imagine publishing your whole team.

This article was produced through MarketScale. Create a free workspace and turn your own team's expertise into articles, video, and social posts. No credit card, no demo required.

Start free Book a demo

NPS +73 · 1,000+ creators · 38+ countries

What you get, free

Your own MarketScale Studio workspace

One video edit a month, on us

AI writing, editing, and publishing tools

In-platform coaching to learn the system

More Energy Insights

Clean energy investment surges as security concerns and data centre demand reshape the global power market

The global power market is experiencing a surge in clean energy investment driven by security concerns, insurance considerations, and growing demand from data centers. This trend is advancing the transition to clean energy beyond traditional climate policies. Key drivers include geopolitical influences and increased interest from hyperscalers.

01Clean energy investment is increasing due to security concerns and data center demand.
02Geopolitical factors and insurance are playing significant roles in advancing clean energy.
03The transition to clean energy is occurring beyond traditional climate policy frameworks.

Jun 28, 2026

Europe's power grid buckles under record heat: outages, nuclear cuts, and soaring prices

Europe faces significant strain on its power grid due to an intense heatwave, leading to nuclear power reductions in France, grid alerts in the UK, and significant outages in Germany. These events are causing electricity prices to soar across the continent. The challenges highlight the vulnerabilities of Europe's energy infrastructure under extreme weather conditions.

01Europe's power grid is under strain from a record heatwave.
02France is reducing nuclear power output due to the heat.
03Germany experiences a major power outage, and the UK issues grid alerts.

Jun 28, 2026

Global energy investment surges while Washington retreats from climate action

The global energy sector is witnessing a surge in investments despite the United States pulling back on its climate initiatives. Countries like Norway and Bulgaria are actively channeling funds into energy projects. This trend reflects a divergence in global and U.S. climate and energy policies.

01Global energy investments are increasing.
02U.S. climate action is diminishing.
03Norway and Bulgaria are focusing on energy projects.

Jun 26, 2026

Explore More Energy Insights

Read more expert perspectives from across Energy.

Browse Energy Hub

About the Expert

Robin Berthier, Ph.D.

CEO and Co-founder at Network Perception

Robin Berthier, Ph.D. is the CEO and co-founder of Network Perception, a cybersecurity company specializing in network security monitoring and visualization. He holds a Ph.D. in computer science and has extensive research and industry experience in critical infrastructure protection. Berthier frequently speaks on topics related to OT/ICS network security and cyber hygiene.

LinkedIn Company

For Energy teams

See how Energy teams use MarketScale →

Customer Stories & Case Studies