Wednesday, February 14, 2024

Human Cost in Healthcare Increases Criticality

 

The healthcare industry is interesting. This appears to be relatively straight-forward with the patient care staff and patient interactions. When you think through the full operation, there is much more involved through the entirety. Each step isn’t mainstream within the operations and is diverse. With all these attack points, the healthcare CISOs have their work cut out for them every day. This could include all the usual suspects (e.g., ransomware, phishing, supply chain compromises, data breaches, and social engineering).

One area gaining more traction and attention is IoMT. We’ve heard of IoT, especially with refrigerators, coffee makers, thermostats, and light bulbs. IoMT is differentiated from these as the focus are the medical devices. These may include the medical operational technology (OT) with wearable blood pressure devices, insulin pumps, ingestible sensors, remote patient care devices, and other monitoring devices.

The security has gotten better with these with the various technological improvements, e.g., BLE versus Bluetooth. This is a product of security starting to be built into the product sooner than later. There are still issues with misconfigurations, web app code the Dev Team thought was removed, and other issues.

As these devices interact more with patients, the risks increase substantially. Any security issues are amplified with the potential loss of life. This amplifies the need for security to be implemented early on with the Dev Team, and applied with the current version, not two or three versions down the line. A concentrated, thorough application of security with the software and hardware will significantly reduce the potential for incidence, which will allow your CISO to get a better night’s sleep. 


Services 

Enterprise and Embedded System Cybersecurity Engineering & Architecture


Red Team Pentesting   |   HW & SW BoMs  |   CBoM  | 

Vulnerability Management   |   Tabletop Exercises (TTX)   | 

Embedded Systems Architecture   |   Threat Intelligence   | 

TARA (Threat Assessment and Remediation Analysis) 


 charles.parker@mielcybersecurity.net 810-701-5511



Posted by at
Labels: , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)