ChaptersEventsBlog
Share how your organization is preparing for the agentic shift in identity governance. Take the Securing AI Agents Survey by October 10 →

Download Publication

Medical Devices in A Zero Trust Architecture
Medical Devices in A Zero Trust Architecture

Medical Devices in A Zero Trust Architecture

Release Date: 05/08/2023

Today’s medical devices often connect to the cloud, which increases the risk by expanding the attack surface. This presents the Healthcare Delivery Organizations (HDOs) with threats and vulnerabilities, technology issues, software risks, and human factors. As a result, security architects are forced to re-examine the concept of identity. Essentially, every connected medical device has an identity and must be under consideration within the Zero Trust Framework. 
Download this Resource

Bookmark
Share
View translations
Related resources
Analyzing Log Data with AI Models to Meet Zero Trust Principles
Analyzing Log Data with AI Models to Meet Zero ...
Zero Trust Guidance for Small and Medium Size Businesses (SMBs) - Korean Translation
Zero Trust Guidance for Small and Medium Size B...
Healthcare Confidential Computing and the Trusted Execution Environment
Healthcare Confidential Computing and the Trust...
Zero Trust Architecture: Principle Driven Security Strategy for Organizations and Security Leaders
Zero Trust Architecture: Principle Driven Security Strategy for Org...
Published: 09/30/2025
AI Log Analysis for Event Correlation in Zero Trust
AI Log Analysis for Event Correlation in Zero Trust
Published: 09/26/2025
The Salesloft Drift OAuth Supply-Chain Attack: Cross-Industry Lessons in Third-Party Access Visibility
The Salesloft Drift OAuth Supply-Chain Attack: Cross-Industry Lesso...
Published: 09/25/2025
What is Protected Health Information (PHI)?
What is Protected Health Information (PHI)?
Published: 09/24/2025

Acknowledgements

Dr. Jim Angle
Dr. Jim Angle

Dr. Jim Angle

Jim has dedicated hundreds of hours to CSA and was instrumental in reviving CSA’s Health Information Management working group. In doing so, he drafted the group’s first charter and went on to become its co-chair. In this role, he authored three papers — Managing the Risk for Medical Devices Connected to the Cloud, Telehealth in the ...

Read more

Michael Roza
Michael Roza
Risk, Audit, Control and Compliance Professional at EVC

Michael Roza

Risk, Audit, Control and Compliance Professional at EVC

Michael Roza is a seasoned risk, audit, control and compliance, and cybersecurity professional with over 20 years of experience across multinational enterprises and startups. As a Cloud Security Alliance (CSA) Research member for over 10 years, he has led and contributed to more than 140 CSA projects spanning Zero Trust, AI, IoT, Top Threats, DecSecOps, Cloud Key Management, Cloud Control Matrix, and many others.

He has co-chaired...

Read more

Wayne Anderson Headshot Missing
Wayne Anderson

Wayne Anderson

Are you a research volunteer? Request to have your profile displayed on the website here.

Interested in helping develop research with CSA?

Related Certificates & Training