No one wants to imagine that their pacemaker or insulin pump can be hacked when their life depends on the proper functioning of these medical devices. However, a recent Ponemon Institute survey discovered that 67 percent of medical device manufacturers and 56% percent of Healthcare Delivery Organizations (HDOs) think an attack on a medical device in use is likely to occur over the next 12 months (2017 Trip Wire). That information provides an added layer of anxiety for patients, medical providers, and manufacturers, and makes medical device cyber security more important than ever.
There is good news, though. In the last 5 years, healthcare providers and manufacturers have made an effort to include cyber attacks in their contingency plans, and put into place resources to mitigate a potential breach. (2017 TripWire)
These well designed security plans for medical device cyber security include:
- Dedicated budget for cyber security
- Cyber security professionals included in the staffing headcount
- Risk assessments regularly performed by healthcare providers
- Regularly conduct penetration testing
- Security awareness and training programs made available
- And much more…
The US Food and Drug Administration has been making inroads to mitigate any potential attacks with updates to security measures and by seeking to formalize guidelines. As with all guidelines, they do not have to be followed. However, if a provider adopts the recommendations, medical device cyber security can be improved, making the industry and the patient less apprehensive. (2017 TripWire) Not to mention the fact that the provider can use these security measures as a competitive advantage.
Want to learn more about cyber security and how it can affect the healthcare industry? IEEE offers both cyber security and ethical hacking training to help corporations prepare. Learn more about institutional pricing and request a quote here.
Newman, L. (2017, March 2) Medical Devices Are the Next Security Nightmare. Wired
(2017, August 27) Highs & Lows of Cyber Security in Healthcare. TripWire