Healthcare Orgs, Take Control of Your Network! Level Up Cyber Hygiene with Diligent Vendor Vetting and Software Segmentation

Healthcare organizations face growing cybersecurity risks from third-party software vendors and poorly segmented networks. Diligent vendor vetting and software segmentation are essential strategies to limit breach exposure and protect critical systems. Proactive cyber hygiene practices at the supply chain level are key to reducing attack surfaces.

This story was produced through MarketScale.

Promoted content from Experts Talk on MarketScale.

By Robin Berthier, Ph.D. · Cybersecurity in Healthcare, Medtech Devices, Network Perception, Robin Berthier

Key takeaways

  1. Healthcare organizations must rigorously vet third-party and vendor software before deployment to reduce supply chain risk.
  2. Network segmentation of critical systems limits the lateral movement of attackers in the event of a breach.
  3. Consistent cyber hygiene practices across the organization and its vendors are foundational to healthcare cybersecurity.

The digital transformation of healthcare organizations has significantly increased reliance on software and medtech devices, weaving a complex web of interdependencies in their supply chains. This shift introduces critical vulnerabilities, as highlighted by infamous incidents like the SolarWinds breach, and underscores the urgency of stronger cyber hygiene practices. With recent executive orders pushing for better security protocols, healthcare organizations are under pressure to fortify their supply chains against escalating cyber threats.

What strategies can healthcare organizations employ to effectively manage the cyber hygiene of their healthcare supply chain, including software and medtech devices?

Robin Berthier, CEO and founder of Network Perception, advocates for rigorous cyber hygiene practices within healthcare supply chains on a recent episode of Experts Talk. He emphasizes the necessity of standard vendor questionnaires and robust security protocols, and underscores the importance of continuous vendor risk assessments and software segmentation to effectively mitigate potential cyber threats, drawing lessons from major breaches like SolarWinds.

Continuous vendor risk assessments and software segmentation effectively mitigate potential cyber threats.

Key takeaways:

  1. Develop Standard Questionnaires for Vendors: Establishing standard questionnaires for all vendors can help assess the risks introduced by third parties and ensure they adhere to secure coding best practices.
  2. Vet Vendor Security Practices: It's crucial to scrutinize the security practices surrounding the build environments of vendors to prevent incidents similar to the SolarWinds breach, where malware was inserted directly into the source code.
  3. Implement Software Segmentation: By applying segmentation to software, organizations can contain potential breaches within manageable risk levels, thereby minimizing widespread impact.
  4. Regular Patching and Updates: Ensuring that all software and devices within the supply chain are regularly updated and patched can significantly reduce vulnerabilities.
  5. Continuous Risk Assessment: Continual evaluation of the risks posed by vendors and their products is essential to adapting and strengthening cybersecurity measures over time.
Video Transcript

Yeah. The risk of supply chain has been really a major point of discussion that was pushed by the executive order a couple of years back from the White House. It's really the practical advice there is to adopt an approach where you develop a standard questionnaire for all your vendors that will help you assess the risk that you're introducing and what type of secure coding best practices they are doing, how they are securing their build environment. Like, we all have in, you know, the memories of SolarWinds being breached, like, attackers being able to introduce malware directly inside the source code of a major IT platform. And then once we're in the build environment, every customer patching their SolarWinds instance will get infected. And so we have eighteen thousand organizations infected in just a few weeks. So really vetting the risk that you're bringing with those solution providers and then also applying those concepts of segmentation to your software, to the software you're introducing to make sure that if something goes bad, then it's contained into the proper risk level.

About the Expert

Robin Berthier, Ph.D.

CEO and Co-founder at Network Perception

Robin Berthier, Ph.D. is the CEO and co-founder of Network Perception, a cybersecurity company specializing in network security monitoring and visualization. He holds a Ph.D. in computer science and has extensive research and industry experience in critical infrastructure protection. Berthier frequently speaks on topics related to OT/ICS network security and cyber hygiene.