Medical Design and Outsourcing

  • Home
  • Medical Device Business
    • Mergers & Acquisitions
    • Financial
    • Regulatory
  • Applications
    • Cardiovascular
    • Devices
    • Imaging
    • Implantables
    • Medical Equipment
    • Orthopedic
    • Surgical
  • Technologies
    • Contract Manufacturing
    • Components
    • Electronics
    • Extrusions
    • Materials
    • Motion Control
    • Prototyping
    • Pumps
    • Tubing
  • Med Tech Resources
    • DeviceTalks Tuesdays
    • Digital Editions
    • eBooks
    • Manufacturer Search
    • Medical Device Handbook
    • MedTech 100 Index
    • Podcasts
    • Print Subscription
    • The Big 100
    • Webinars / Digital Events
    • Whitepapers
    • Video
  • 2022 Leadership in MedTech
    • 2022 Leadership Voting!
    • 2021 Winners
    • 2020 Winners
  • Women in Medtech

Cybersecurity: Is medtech ‘lackadaisical’ about it?

March 21, 2017 By Heather Thompson

cybersecurity

[Image courtesy of Blogtrepreneur on Flickr, per Creative Commons 2.0 license]

The medical device industry needs to shake itself out of its stupor when it comes to cybersecurity, according to James Scott, senior fellow at the Institute for Critical Infrastructure Technology and author of the new paper, How to Crush the Health Sector’s Ransomware Pandemic.

Companies in the medtech sector and the overall healthcare space face nothing short of cyberwar with “combat nation states, cyber mercenaries, cyber caliphate, and other actors,” Scott said.

Without intervention, he said, “The health sector will continue to be pummeled by any and every script kiddie and sophisticated cybercriminal dedicated to stealing electronic health records and personally identifying information for infinite variation of use and optimal capitalization on dark web forums.”

The industry’s lack of action has left EHRs vulnerable to both sophisticated and unsophisticated attacks, the result of which is that patients are desensitized to breach notifications, and many healthcare organizations have negligently stopped disclosing breaches. Said Scott:

“Few critical infrastructures need to expedite their cyber resiliency as desperately as the health sector, who repeatedly demonstrates lackadaisical cyber hygiene, finagled and Frankensteined networks, virtually unanimous absence of security operations teams and good ol’ boys club bureaucratic board members flexing little more than smoke and mirror, cybersecurity theatrics as their organizational defense.”

And medical devices are part of the problem. Scott noted that pacemakers, insulin pumps, defibrillators and other medical equipment are extraordinarily vulnerable to cyberattacks. Further, embedded devices, medical equipment and mission critical systems have been shown to have lax security and are vulnerable to hackers.

But there is some hope, Scott said, for even the most apathetic organizations: machine learning based artificial intelligence. It is an algorithmic defense that allows groups to predict, detect and respond to threats, thus thwarting the majority of ransomware attacks. Using machine learning throughout the layers of an IoT microcosm can improve healthcare cybersecurity. Such a system recognizes, learns and adapts to hacker behavior with automated network defenses.

Machine learning (ML) applies to cybersecurity in two ways:

  1. ML links seemingly unrelated activities together. For example, a hacker might use multiple accounts to access different types of sensitive personal health info (PHI). Each account might have valid access rights to some of the data, so rules-based security solutions won’t see anything wrong. ML can track IP address and other identifying information to link the parts into a single unified session that is then positively attributed to a person.
  2. Second, ML assesses the behaviors of those coherent identities to determine if risky behavior is underway. It calculates a risk score based on the similarity to normal behavior observed for the user performing the specific events. Once the risk score has been determined in real-time, the system can use it during a login event to either grant the access, initiate a more in-depth log-in (aka, a multifactor event authentication), or block the access.

Currently, healthcare organizations use AI for big data analytics, clinical applications and benevolent network defense. But machine learning and artificial intelligence solutions are the only sophisticated defense against ransomware and tailored malware attacks. For once, information security professionals have a major advantage over cyber-adversaries in their ability to adopt and utilize artificial intelligence and machine learning solutions.

However, that advantage will not last. Adversaries are already attempting to reverse engineer and research AI solutions. Adversaries have an economic incentive to weaponize any and every emerging technology against healthcare and other organizations that are inadequately securing valuable information.

Cybersecurity is a perpetual arms war of escalation. New defensive technologies, such as the emergence of artificial intelligence capabilities, garner response in adversarial innovation.

Industry needs to responsibly protect its patients and their data by adopting algorithmic defense solutions. Each and every payer, provider and insurer that chooses artificial intelligence and machine learning defense-grade solutions, contributes to repairing the cybersecurity of the health sector; in doing so, they also rebuild the trust between patients and healthcare organizations.

[Want to stay more on top of MDO content? Subscribe to our weekly e-newsletter.]

Related Articles Read More >

cybersecurity
Moody’s warns of cybersecurity, antitrust and supplier risks for medical device companies
FDA proposes new cybersecurity, supply chain and inspection laws for medical device manufacturers
FDA’s $8.4B budget request includes supply chain, pandemic prep and cancer funding
Cybersecurity medical device
FDA warns of cybersecurity risk in certain medical device software components

DeviceTalks Weekly.

July 1, 2022
Boston Scientific CEO Mike Mahoney on building a corporate culture that drives high growth results
See More >

MDO Digital Edition

Digital Edition

Subscribe to Medical Design & Outsourcing. Bookmark, share and interact with the leading medical design engineering magazine today.

MEDTECH 100 INDEX

Medtech 100 logo
Market Summary > Current Price
The MedTech 100 is a financial index calculated using the BIG100 companies covered in Medical Design and Outsourcing.
DeviceTalks

DeviceTalks is a conversation among medical technology leaders. It's events, podcasts, webinars and one-on-one exchanges of ideas & insights.

DeviceTalks

New MedTech Resource

Medical Tubing

Enewsletter Subscriptions

Enewsletter Subscriptions

MassDevice

Mass Device

The Medical Device Business Journal. MassDevice is the leading medical device news business journal telling the stories of the devices that save lives.

Visit Website
MDO ad
Medical Design and Outsourcing
  • MassDevice
  • DeviceTalks
  • MedTech 100 Index
  • Medical Tubing + Extrusion
  • Drug Delivery Business News
  • Drug Discovery & Development
  • Pharmaceutical Processing World
  • R&D World
  • About Us/Contact
  • Advertise With Us
  • Subscribe to Print Magazine
  • Subscribe to E-newsletter
  • Attend our Monthly Webinars
  • Listen to our Weekly Podcasts
  • Join our DeviceTalks Tuesdays Discussion

Copyright © 2022 WTWH Media, LLC. All Rights Reserved. The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of WTWH Media LLC. Site Map | Privacy Policy | RSS

Search Medical Design & Outsourcing

  • Home
  • Medical Device Business
    • Mergers & Acquisitions
    • Financial
    • Regulatory
  • Applications
    • Cardiovascular
    • Devices
    • Imaging
    • Implantables
    • Medical Equipment
    • Orthopedic
    • Surgical
  • Technologies
    • Contract Manufacturing
    • Components
    • Electronics
    • Extrusions
    • Materials
    • Motion Control
    • Prototyping
    • Pumps
    • Tubing
  • Med Tech Resources
    • DeviceTalks Tuesdays
    • Digital Editions
    • eBooks
    • Manufacturer Search
    • Medical Device Handbook
    • MedTech 100 Index
    • Podcasts
    • Print Subscription
    • The Big 100
    • Webinars / Digital Events
    • Whitepapers
    • Video
  • 2022 Leadership in MedTech
    • 2022 Leadership Voting!
    • 2021 Winners
    • 2020 Winners
  • Women in Medtech