December 21, 2017 Source: forbes 664
Medical devices are increasingly the targets of cyber thieves looking to get their hands on sensitive information. And the risks are growing rapidly.
As more devices connect to the Internet in order to feed patient data to health care providers and take advantage of the “big data” revolution, they have become more vulnerable to hackers. Thieves are preying on organizations’ poor cyber threat monitoring, lack of cohesive cybersecurity policies and weak data access controls, as well as inadequate device disposal practices.
A 2015 KPMG survey found that 81 percent of health care organizations had their data compromised within the previous two years. Common types of cyber attacks on devices include:
Both device makers and the health care organizations that use medical devices must work to reduce their associated cyber risks. Earlier this year, the U.S. Food and Drug Administration released new guidelines that encourage medical device makers to implement practices to improve the cyber security of their products, including sharing cyber threat information with other manufacturers.
Organizations that want to implement the new FDA guidelines as well as improve their cybersecurity posture should consider a “one policy” approach. What this means: Rather than allowing every department of an organization—from corporate IT to legal and compliance—to handle cybersecurity their own way, they should develop a single policy that every department follows. This involves analyzing the top threats and then developing practices to minimize them.
Here are some other ways organizations can improve medical device security:
Manufacturers and health care organizations that prioritize cybersecurity and take a holistic and consistent approach can greatly reduce their associated risks.
By Ddu
your submission has already been received.
OK
Please enter a valid Email address!
Submit
The most relevant industry news & insight will be sent to you every two weeks.