Tech Features
WHEN MEDICAL SCANS END UP ONLINE: THE QUIET RISK HOSPITALS CAN FIX FAST

Attributed by Osama Alzoubi, Middle East and Africa VP at Phosphorus Cybersecurity
As Saudi Arabia races ahead in digital healthcare transformation, a quieter vulnerability lingers in the background: medical imaging systems that can be found – and sometimes accessed – directly from the public internet. Imaging infrastructure, diagnostic platforms, and hospital information systems are being modernized at speed improving outcomes, accelerating workflows, and bringing advanced clinical capabilities to more communities. But beneath this progress lies a quieter risk that rarely makes headlines: medical imaging systems being exposed on the public internet due to simple configuration errors.
Not a dramatic cyberattack. Not a threat actor breaching a firewall. Just avoidable misconfigurations that leave sensitive patient data reachable by anyone who knows where to look.
Medical imaging systems in Saudi Arabia face a persistent security challenge that differs from dramatic cyberattacks. Patient data exposure often occurs through configuration errors that leave systems accessible on the public internet. These technical oversights represent a significant vulnerability in healthcare’s digital infrastructure.
The Kingdom’s Personal Data Protection Law (PDPL) establishes strict requirements for handling health data. This legislation, modeled after international standards, mandates enhanced protection for medical information and imposes penalties for unauthorized disclosure. Hospitals must implement organizational and technical measures to prevent data exposure.
Radiology departments increasingly use digital platforms for case discussions and second opinions. Without proper configuration, these systems might allow unintended access to patient records. Teleradiology services, which expanded significantly during the pandemic, require secure transmission protocols to protect data during remote consultations.
When we hear about data breaches, we often imagine skilled hackers penetrating security systems. The reality is often simpler and more preventable. “Exposed” typically means a system is reachable from the public internet due to setup choices, not a sophisticated intrusion.
This happens in real-world healthcare settings for straightforward reasons: rushed deployments to meet clinical deadlines, vendor-supplied default configurations that were never changed, remote support access left open for convenience, and legacy systems that were connected to modern networks without proper security reviews.
The scale is significant. Research has identified over 1.2 million reachable devices and systems globally, including MRI scanners, X-ray systems, and related medical infrastructure. These are not theoretical vulnerabilities. They represent actual systems that can be found and accessed from anywhere with an Internet connection.
What gets exposed is more than images
Medical imaging files are not simply pictures. They carry identifiers and metadata that can connect scans directly to real people. Patient names, dates of birth, identification numbers, and clinical details often travel alongside the diagnostic images themselves.
This matters for several reasons. Beyond the obvious privacy violation, exposed patient imaging data creates risks of identity fraud, potential coercion or blackmail, serious reputational damage to healthcare institutions, and erosion of the trust patients place in their medical providers.
Security monitoring platforms have documented cases where exposed systems allowed direct access to both images and patient data—offering a level of detail that should never be open to anyone outside the clinical team.
Why this keeps repeating worldwide
Hospitals everywhere use similar device types and manage comparable data flows. The result is that the same setup mistakes appear repeatedly across different countries and healthcare systems. What starts as one hospital’s misconfiguration becomes everyone’s common failure mode.
The medical devices themselves often come with similar default settings. Imaging servers, picture archiving systems, and diagnostic viewers are deployed in comparable ways. When basic security steps are skipped during installation, the exposure follows a predictable pattern.
Health sector cybersecurity guidance from international authorities emphasizes the need for repeatable baseline controls precisely because these patterns recur. Reducing exposure requires not innovation, but consistent application of known protective measures.
Healthcare organizations face a common vulnerability pattern. A major healthcare provider addressed similar challenges across hundreds of hospitals, discovering that default passwords, vulnerable firmware, and device misconfigurations created entry points that threatened patient care and hospital operations across more than 500,000 connected medical and operational devices.
The Saudi-specific layer: connectivity at cluster scale
Saudi Arabia’s healthcare transformation includes the expansion of health clusters that connect multiple facilities into integrated networks. This approach improves care coordination and resource sharing, but it also means that one weak link can affect multiple sites.
National interoperability initiatives support the sharing of imaging and diagnostic reports across the healthcare system. The Saudi health ministry has established specifications for imaging data exchange through the national health information exchange platform, enabling providers to access patient scans regardless of where they were originally performed.
This connectivity is essential for modern healthcare delivery. It allows specialists to review scans remotely, supports second opinions, and ensures continuity of care when patients move between facilities. However, it also increases the need for consistent configuration rules and security standards across all connected sites.
When imaging systems within a cluster are not uniformly secured, the exposure risk multiplies. A misconfigured system in one facility can potentially provide access to data from across the entire cluster network.
A practical checklist hospitals can act on
Healthcare institutions can take concrete steps to reduce exposure risk. These are not theoretical recommendations but proven measures that address the most common vulnerabilities.
First, create a complete inventory. Every hospital should maintain a current list of what is connected to its network, including imaging devices, storage servers, viewing stations, web portals, and remote access tools. You cannot protect what you do not know exists.
Second, check external exposure. Verify that nothing sensitive is reachable from the public internet. This requires technical scanning from outside the hospital network to identify systems that respond to external queries. Many organizations discover exposures they did not realize existed.
Third, restrict remote access properly. Remote connections for maintenance and support should be tightly controlled, require strong authentication methods, and be removed entirely when no longer needed. Convenience should never override security when patient data is involved.
Fourth, implement safe setup procedures. Develop standard build guides for imaging systems, change all default passwords and settings, clearly document who owns each system, and establish responsibility for applying security patches and updates. Industry experience shows that default credentials remain one of the lowest barriers for attackers seeking entry into healthcare networks.
Fifth, conduct continuous checks. Exposure scanning should happen after any network changes, not just once annually. Healthcare networks evolve constantly, and new vulnerabilities can appear whenever systems are added or reconfigured.
These steps align with guidance from international cybersecurity authorities and health sector regulators, which emphasize reducing exposed services and strengthening baseline controls as priority actions for healthcare organizations.
The governance fix: make secure setup part of how clusters run
Individual hospital efforts are necessary but not sufficient. At the cluster level, governance structures must embed security into standard operations.
This begins with cluster-wide minimum standards for imaging systems and remote access. Every facility within a cluster should follow the same baseline security requirements, ensuring consistent protection regardless of which site a patient visits.
Clear ownership must be established for every system. Someone specific should be responsible for applying patches, approving access requests, and regularly checking for exposure. When accountability is diffuse, critical tasks get overlooked.
Procurement processes offer another leverage point. Purchase agreements should require vendors to provide secure default configurations, enable comprehensive logging capabilities, and commit to supported update cycles for the life of the equipment. Security should be a selection criterion, not an afterthought.
These governance approaches reflect sector framework guidance that encourages structured programs and repeatable controls rather than ad hoc responses to individual incidents.
Saudi Arabia has invested heavily in national cybersecurity frameworks and regulatory oversight across critical sectors, including healthcare. The foundation exists. The next step is ensuring those protections extend fully to the expanding ecosystem of IoT and IoMT devices — where simple configuration gaps can undermine otherwise sophisticated digital progress.
Prevent avoidable incidents
The goal is not perfection. Healthcare systems are complex, and some level of risk will always exist. The goal is removing the easiest path for data exposure: systems sitting openly on the public internet waiting to be found.
In connected healthcare, the quickest wins come from two simple principles: visibility and access control. Know what you have connected, and shut the doors that do not need to be open.
For Saudi Arabia’s health clusters, this represents an achievable objective. The infrastructure investments being made across the Kingdom’s healthcare sector create an opportunity to build security into expansion rather than retrofitting it later.
Medical imaging systems serve an essential clinical purpose. They should not also serve as unintended windows into patient data. With practical steps and consistent governance, hospitals can fix this quiet risk before it becomes a public incident.
In digital healthcare, exposure is rarely a mystery. It is usually a configuration. The question is not whether hospitals can fix it, but whether they will do so before patients pay the price.
Tech Features
ENGINEERING INTELLIGENCE IN EDUCATION: PREPARING YOUNG WOMEN FOR FUTURE TECH LEADERSHIP

Dr Esraa Khatab, Assistant Professor at the School of Mathematical and Computer Sciences, Heriot-Watt University Dubai
As we celebrate International Women in Engineering Day (INWED), attention is increasingly focused on how to prepare young women not only to participate in engineering but to lead its future. In a world shaped by artificial intelligence, sustainability challenges, and rapid digital transformation, education must go beyond technical instruction. It must cultivate what we can call engineering intelligence, a combination of technical expertise, problem-solving ability, creativity, and leadership confidence.
For young women, this preparation is most effective when education is intentionally designed to inspire, support, and position them as future innovators and decision-makers.
Inspiring Young Women Through Meaningful Learning
Engaging young women in engineering begins with making learning relevant and purposeful. When engineering is connected to real-world challenges, such as improving healthcare systems, designing sustainable cities, or developing climate solutions, it resonates strongly with students who are motivated by impact.
Project-based learning plays a key role here. When young women work on designing smart applications, building prototypes, or solving community challenges, they begin to see themselves as capable engineers contributing to society. Thes experiences move engineering from an abstract concept to a meaningful pathway where their ideas matter.
Initiatives such as the UAE’s “One Million Arab Coders” and international programs like “Girls Who Code” have successfully introduced thousands of young women to coding, AI, and digital innovation. These initiatives are powerful not just because of the skills they teach, but because they create an early sense of belonging in technology-driven environments.
Mentorship: Unlocking Potential and Building Confidence
For young women, mentorship is a transformative element of engineering education. It provides not only guidance but also reassurance, helping students navigate academic and career pathways with clarity and confidence.
Connecting young women with mentors, whether through universities, industry partnerships, or outreach programs, offers them valuable insights into emerging fields such as artificial intelligence, robotics, and renewable energy. These relationships make career paths more tangible and achievable.
In classroom settings, mentorship can be embedded into learning through project collaborations and industry engagement. When young women receive feedback from
professionals, present their ideas, and engage in real-world problem-solving, they begin to develop both confidence and professional identity.
Mentorship also nurtures leadership. By observing and interacting with experienced professionals, young women gain exposure to decision-making, teamwork, and innovation processes, essential components of future tech leadership.
Expanding Opportunities Through STEM Outreach
STEM outreach initiatives are vital in reaching young women early and sustaining their interest in engineering pathways. Programs that focus on hands-on, creative engagement, such as robotics competitions, coding bootcamps, and innovation labs, are particularly effective in building confidence and curiosity.
These initiatives create safe and encouraging environments where young women can experiment, take risks, and learn collaboratively. Importantly, they shift the narrative from simply learning technology to actively creating it.
Digital platforms have further expanded opportunities for young women in engineering. Virtual labs such as “MIT OpenCourseWare” and interactive simulations (e.g., PhET) allow learners to experiment and build practical skills remotely, with research showing strong gains in engagement and motivation. Online hackathons, including initiatives like the “UAE InnovAIte AI” Hackathon, provide young women with collaborative spaces to design real-world solutions using emerging technologies. At the same time, AI-powered tools such as “Khan Academy’s Khanmigo” offer personalized guidance, helping learners build confidence through continuous, self-paced support.
Together, these platforms create flexible and inclusive pathways that enable young women to actively engage, experiment, and grow within today’s rapidly evolving technological landscape. By introducing young women to emerging technologies early, outreach programs help them build familiarity and confidence in fields that will define the future of work.
Encouraging Young Women to Lead in Emerging Fields
Emerging engineering domains, such as artificial intelligence, smart systems, biotechnology, and sustainable energy, offer significant opportunities for innovation and leadership. Encouraging young women to explore these areas requires intentional effort within education systems.
This can be achieved through:
- Early integration of advanced topics: Introducing AI, data science, and sustainability concepts at foundational levels.
- Interdisciplinary approaches: Encouraging young women to apply engineering skills in healthcare, environmental science, and social innovation.
- Experiential learning: Providing opportunities for internships, research projects, and innovation challenges in emerging fields.
These experiences allow young women to build not only technical expertise but also the confidence to navigate complex, real-world challenges. They begin to see themselves as contributors to cutting-edge developments, rather than observers.
Building Confidence and Leadership Identity
For young women to thrive in engineering, education must also focus on building confidence and leadership skills. This includes creating environments where their voices are heard, their ideas are valued, and their contributions are recognized.
Encouraging young women to lead team projects, present their work, and participate in competitions helps them develop essential soft skills such as communication, collaboration, and critical thinking.
Representation also plays an important role. Highlighting the achievements of women engineers and innovators, both globally and within local communities, reinforces the message that leadership in engineering is both attainable and expected.
Importantly, leadership development should be embedded into the learning journey. Innovation challenges, entrepreneurship programs, and community-based projects provide platforms for young women to take initiative and drive impact.
Looking Ahead: Empowering Young Women to Shape the Future
The future of engineering will be defined by those who can think creatively, solve complex problems, and lead with vision. Preparing young women for this future is not just about education, it is about empowerment.
By combining meaningful learning experiences, strong mentorship, expanded outreach, and opportunities in emerging technologies, we can create an ecosystem where young women thrive as engineers and leaders.
As we celebrate INWED, the focus is clear: to ensure that young women are equipped not only with skills, but with the confidence and ambition to lead. When this happens, they do more than contribute to technological advancement, they shape it.
Tech Features
FIVE WAYS UAE WORKFORCE PLANNING IS CHANGING IN 2026
The UAE is entering a more complex phase of workforce growth. Hiring momentum remains strong, with the country recording a Net Employment Outlook of 60% for Q2 2026, placing it among the strongest employment markets globally. Yet the main challenge for companies is whether their employment structures, immigration planning, compliance systems, and HR leadership can support growth at scale.
Aethra Advisory, a UAE-based global hiring strategy and mobility architecture firm, outlines five shifts companies should prepare for as compliance, immigration, and HR become more connected.
HR is becoming workforce architecture
HR can no longer be treated as an administrative function focused only on recruitment, onboarding, contracts, and employee relations. In 2026, HR leaders are expected to help design the workforce model itself. That includes where a company hires, which employment structures it uses, how talent moves across borders, and where compliance risk may appear. A hiring decision is now linked to visa eligibility, payroll structure, sponsorship, worker classification, relocation timelines, and long-term operating needs.
Many companies still hire first and address structure later. The consequences often emerge months afterwards, when employment models become costly, difficult to manage, or unable to support growth.
AI is entering recruitment and workforce planning
Companies are using AI to screen CVs, match candidates to roles, automate outreach, schedule interviews, assess skills, and generate workforce insights. Used well, it can make hiring faster and more consistent, especially in high-volume recruitment environments.
A 2025 field experiment involving around 37,000 applicants found that 54% of candidates assessed through an AI-assisted recruitment pipeline passed the final human interview, compared with 34% of candidates assessed through a traditional pipeline. However, AI does not replace human judgement. Companies still need clear hiring criteria, documented decision-making, oversight and an understanding of how recommendations are generated and reviewed.
Companies are moving into global talent systems
Many companies make the UAE a base for regional and international expansion due to its business-friendly policies and strategic location. Local companies are hiring across borders, global firms are entering the UAE, and leadership teams are being built across multiple jurisdictions. In fact, the cross-border workforce and migration solutions market is projected to reach $11.37 billion by 2033, growing at an annual rate of 11.8%.
For employers, hiring can no longer be treated as a local HR process. Companies must make deliberate decisions about how they enter new markets and engage talent. Some may use an Employer of Record to hire quickly, while others may establish a local entity to gain greater control. In some cases, relocating and sponsoring employees will be the right approach or engaging contractors or building a longer-term market entry structure may be more suitable. Each route carries different implications for cost, compliance, operational control, and future scalability.
Employment models are becoming more hybrid
As companies scale, informal arrangements become harder to manage. A single UAE business may now have locally sponsored employees, remote workers, consultants, contractors, relocating workers, etc. This gives companies more flexibility, but also creates operational risk when obligations are not understood from the start. Worker classification, payroll treatment, benefits, visa eligibility, contract terms, management control, and termination rules can vary depending on how a person is engaged. Employers need clear structures defining employment status, work location, applicable law, and how each relationship is governed.
Regulation is influencing hiring decisions
In the UAE, hiring depends on more than finding the right candidate. Companies need the right regulatory setup before they can move quickly. Licensing gaps, unclear sponsorship routes, incomplete documentation, or a mismatch between the role and the employment structure can still delay a strong hire.
This makes compliance and immigration planning an early hiring priority. Companies should understand the requirements before entering a market, confirming a hire, or committing to a relocation timeline.
Tech Features
Networks Must Evolve Before AI Can Scale
Rohit Chowdhary, Head of Advanced Consulting Services at Nokia, sat down with The Integrator to share insights into the company’s vision for enabling the AI supercycle. He outlined how Nokia’s end-to-end portfolio spans everything from AI-ready connectivity and energy-efficient 800G data centre networking to intelligent, self-optimising home Wi-Fi experiences powered by AI.
A key focus of the discussion was Nokia’s shift from strategic advisory to real-world execution through its dedicated Automation Excellence Practice, helping operators translate ambitious transformation roadmaps into measurable outcomes. The conversation also highlighted the growing importance of integrated, intelligent and secure networks that can support rising AI workloads, eliminate infrastructure bottlenecks and unlock tangible business value, while maintaining the highest standards of security, privacy and resilience
Could you begin by telling us about your role at Nokia and the journey that brought you here?
I lead Nokia’s Advanced Consulting Services business across Europe, the Middle East and Africa. My journey with Nokia spans nearly seventeen years, beginning at a time when consulting was largely focused on network transformation initiatives. Over the years, I have worked closely with operators around the world on transformation programmes, analytics adoption, customer experience management and digital modernization.
As the industry evolved, so did our consulting focus. Following the Nokia and Alcatel Lucent merger, we established what is today known as Advanced Consulting Services. The organization now spans several domains, including security, business monetization, cloud and technology transformation, autonomous operations, and data and AI.
More recently, we launched an Automation Excellence Practice. The idea was simple. Customers often appreciated our strategic blueprints but needed practical expertise to implement them. Today, we have specialized engineers who combine telecom expertise, AI capabilities and software development skills to turn strategic visions into real automation pipelines, AI-driven workflows and production-ready use cases. Our role is to help customers move from concept to measurable business outcomes.
Nokia is often associated with connectivity, but the company is increasingly talking about AI readiness. How does Nokia’s infrastructure portfolio support this transition?
AI is creating what we describe as an AI supercycle. It is transforming everything from data centres and cloud infrastructure to network architectures and edge computing. Supporting this shift requires a complete ecosystem rather than isolated technologies.
Nokia’s portfolio addresses this across multiple layers. On the network side, we continue to innovate in radio technologies, including AI-RAN capabilities developed alongside strategic partners such as Nvidia. We also have a strong optical networking and IP portfolio that enables the high-capacity connectivity required between data centres, edge locations and cloud environments.
One area that excites me is our innovation in data centre networking. We are introducing highly efficient coherent optical technologies and advanced switching platforms that significantly reduce infrastructure footprints while improving performance and energy efficiency. These innovations are becoming increasingly important as organizations invest in AI factories, AI grids and large-scale inference environments.
Beyond connectivity, we also provide intelligent automation layers through our autonomous networking platforms, enabling operators to manage complex, multi-vendor environments more efficiently and intelligently.
What are some of the biggest infrastructure bottlenecks you see operators and enterprises facing as AI adoption accelerates?
One of the biggest challenges is understanding that AI infrastructure is not just about compute power. Organizations often focus heavily on GPUs and processing capabilities, but connectivity can quickly become the limiting factor.
You can deploy the most powerful AI infrastructure available, but if the network cannot support the required data movement between racks, data centres and edge locations, performance suffers. This is where intelligent networking becomes critical.
At Nokia, we are helping customers design what we call AI-ready connectivity. This includes high-capacity optical networking, intelligent routing and the seamless interconnection of compute environments. As AI workloads become increasingly distributed, the ability to move data efficiently becomes just as important as the ability to process it.
On the consumer side, Nokia has been showcasing AI-driven Wi-Fi management capabilities. How does this improve the end-user experience?
The home network has become far more complex than it was a few years ago. Consumers expect flawless connectivity across multiple devices, applications and services.
Our AI-enabled Wi-Fi solutions continuously monitor network performance and user experience. They can identify coverage gaps, detect congestion, analyze interference patterns and even recommend or automatically implement corrective actions.
The goal is to create a self-optimizing network environment where many issues can be resolved autonomously before they impact the user. This reduces support requirements for service providers while delivering a more consistent and reliable experience for customers.
The Middle East is witnessing an unprecedented surge in data centre investments. How do you see this shaping Nokia’s opportunities in the region?
The Middle East has emerged as one of the most dynamic markets globally for AI infrastructure investments. Governments and enterprises are actively investing in sovereign AI capabilities, advanced data centres and digital ecosystems.
This creates significant opportunities, not only for Nokia but for the broader technology industry. The success of these initiatives depends on having secure, scalable and efficient connectivity between compute resources, cloud environments and end users.
Our role is to help customers build these foundations. Whether it is data centre interconnectivity, optical networking, intelligent routing or autonomous operations, Nokia’s technologies are designed to support the scale and performance requirements of AI-driven economies.
As data volumes continue to grow, security and data sovereignty are becoming increasingly important. How is Nokia addressing these concerns?
Security is deeply embedded into Nokia’s strategy and innovation roadmap. As a European technology company, trust, resilience and security have always been fundamental principles in how we design and operate our solutions.
While we continue to invest heavily in AI innovation, we are equally focused on strengthening security capabilities across our portfolio. This includes advanced network security architectures, AI-driven threat detection and preparations for future technologies such as quantum-safe networking.
We are actively engaged with industry bodies, standards organizations and ecosystem partners to help define the next generation of secure digital infrastructure. As AI becomes increasingly pervasive, security must evolve alongside it, and that is an area where Nokia continues to invest significantly.
Looking ahead, what excites you most about the future of AI-driven networks?
What excites me most is the convergence of AI, automation and connectivity. Networks are evolving from passive transport layers into intelligent platforms that can learn, adapt and optimize themselves.
The future will be defined by autonomous operations, AI-native networks and real-time decision-making at scale. Organizations that successfully combine these capabilities will unlock entirely new business models and levels of operational efficiency.
For us, the opportunity is not just about deploying technology. It is about helping customers transform the way they operate, innovate and create value in an increasingly AI-driven world.
-
News11 years ago
SENDQUICK (TALARIAX) INTRODUCES SQOOPE – THE BREAKTHROUGH IN MOBILE MESSAGING
-
Trending8 months agoOPPO A6 Pro 5G Review: Reliable Daily Driver
-
Tech News2 years agoDenodo Bolsters Executive Team by Hiring Christophe Culine as its Chief Revenue Officer
-
VAR1 year agoMicrosoft Launches New Surface Copilot+ PCs for Business
-
Automotive2 years agoAGMC Launches the RIDDARA RD6 High Performance Fully Electric 4×4 Pickup
-
Tech Interviews2 years ago
Navigating the Cybersecurity Landscape in Hybrid Work Environments
-
Tech News12 months agoNothing Launches flagship Nothing Phone (3) and Headphone (1) in theme with the Iconic Museum of the Future in Dubai
-
VAR2 years agoSamsung Galaxy Z Fold6 vs Google Pixel 9 Pro Fold: Clash Of The Folding Phenoms


