Press "Enter" to skip to content

Communication and Medical Device Security at Risk in the Healthcare Sector

To achieve medical device security, a Healthcare organisation must have complete visibility into the number of devices on its network, patch and replace out-of-date devices on a regular basis, and stay on top of the latest technical vulnerabilities in order to patch devices before they harm patients. The difficulty is that most Healthcare companies face considerable challenges in implementing those procedures because visibility is still a challenge as new vulnerabilities and patches are identified on a regular basis.

While there have been no reports of patients being harmed as a result of medical device vulnerabilities to yet, research has indicated that threat actors can exploit vulnerabilities and harm patients through connected medical equipment. Researchers from McAfee have uncovered vulnerabilities in two types of B. Braun infusion pumps that might allow hackers to control drug doses remotely. Furthermore, due to cybersecurity concerns, the US Food and Drug Administration (FDA) has issued a recall on a family of Medtronic insulin pumps.

We have a wide array of devices that connect to our networks in Healthcare, which makes it distinctive. Other industries have it as well, but none of them have technology that keep people alive. As a result, we must be extremely precise, and we must be even more precise than we are now. Patients come to our hospital because they trust us to care for them in their time of need, regardless of the reason for their visit.

Organizations rarely utilise discretion to assess the cybersecurity of networked medical equipment, according to a research undertaken by the HHS Office of Inspector General (OIG). Medical device security assessments were either weak or nonexistent, according to the OIG’s review of Medicare accreditation organisation (AO) hospital surveys. According to previous KLAS data, Healthcare companies own an average of 10,000 medical devices. The absence of asset inventories and visibility into how many devices are on their organization’s network is causing chief information security officers (CISOs) to become increasingly concerned.

Be First to Comment

Leave a Reply

Your email address will not be published.