Medical devices: Many benefits

Medical devices: Many benefits, but many insecurities

Medical devices: Many benefits, but many insecurities

In the world of medical device security, success comes down to having the capability to fail gracefully.

This is not as oxymoronic as it might seem, Kevin Fu told an audience at the Security of Things Forum in Cambridge, Mass., on Thursday. What is more important than bulletproof security, he said, is the ability to contain or “localize” breaches or infections so they don’t disrupt the continuity of operations.

Fu, CEO and cofounder of Virta Laboratories. whose opening keynote was titled, “Your Fly is Down: Managing Medical Device Security Risk,” was just one of multiple experts who said the security of those devices could be drastically improved just by practicing basic security hygiene.

But even without that, the reality in the medical field is different from that of most other sectors of the Internet of Things (IoT): The risks of vulnerabilities in connected medical devices are frequently outweighed by the benefits offered to patients by those devices.

Read Also:
Ready for new EU data protection rules? Four steps to master compliance

Just one example, he said, is pacemakers, which used to require the use of a needle to adjust or maintain them. “That created an infection risk, which in some cases was fatal,” he said, “so there are great benefits to wireless devices because they increase the sterile field.”

[ ALSO: SOURCE Boston: Medical devices still vulnerable, but things may be changing ]

In general, he said, “patients prescribed an implant are far safer with those devices than without, even though we have found major security problems with them.”

This, he said, is not to imply that improving security is unimportant. He said a major risk to health care organizations, which has exploded in the past year, is ransomware, which in general is not aimed at specific devices, but the entire operation.

“That can result in shutting down operations, and disrupting the clinical workflow,” he said.

But when it comes to individual medical devices, he and others said the majority of flaws fall into the “low-hanging fruit” category – they could be addressed with the digital version of zipping up your fly.

Read Also:
Digital transformation forces businesses to rethink cybersecurity

Part of the problem, which has been widely reported, is that the industry is still early in the transition to connected devices. Many are legacy systems or devices, designed without any expectation that they would be connected, and therefore without any security built in.

Dr. Julian Goldman, a physician at Massachusetts General Hospital, made that point during a panel discussion following Fu’s keynote titled, “Securing Connected Health Devices and Networks.”

He said a major obstacle to security is, ”the age of the equipment – a lot of it is 10 or 15 years old. The developers may have left the company.

 



Chief Analytics Officer Europe

25
Apr
2017
Chief Analytics Officer Europe

15% off with code 7WDCAO17

Read Also:
Data-stealing Qadars Trojan malware takes aim at 18 UK banks

Chief Analytics Officer Spring 2017

2
May
2017
Chief Analytics Officer Spring 2017

15% off with code MP15

Read Also:
Big Data: Cyber Security Is Breaking Into Elite Business Schools — Here's Why
Read Also:
7 tips for developing a powerful data disaster plan

Big Data and Analytics for Healthcare Philadelphia

17
May
2017
Big Data and Analytics for Healthcare Philadelphia

$200 off with code DATA200

Read Also:
Data governance and lock-in: A glimspe into the mind of today’s CIO

SMX London

23
May
2017
SMX London

10% off with code 7WDATASMX

Read Also:
What Hiring Managers Need to Understand About Data Scientists

Data Science Congress 2017

5
Jun
2017
Data Science Congress 2017

20% off with code 7wdata_DSC2017

Read Also:
7 tips for developing a powerful data disaster plan

Leave a Reply

Your email address will not be published. Required fields are marked *