Antoinette Hodes is a Global Solutions Architect, specializing in IoT, and serves as an Evangelist with the Check Point Office of the CTO. She has worked as an engineer in IT for over 25 years and is an experienced security solutions architect in the cyber security industry.
By connecting medical devices, sensors, and other equipment to the internet, hospitals can improve patient care, reduce costs, and improve efficiency.
Despite the increasingly complex nature of IoT environments, IT security solutions have lagged behind, offering limited visibility and control over IoT devices and the associated risks they present.
Securing these devices poses a challenge due to the vast range of communication protocols they employ and their inherent vulnerabilities stemming from legacy operating systems, hardcoded or weak passwords, patching difficulties, physical accessibility, operating system misconfigurations, lack of built-in security measures, and unsecured communication protocols.
Simply upgrading OEM devices running Windows 7 is undoable due to high costs.
Same goes for Embedded XP. Examples of such devices are imaging systems, magnetic resonance imaging and computed tomography, blood pressure monitoring devices and defibrillators.
Rough estimations are that 70% of all medical devices are unsupported.
Certification is essential to ensure that medical IoT devices meet the necessary regulatory standards and comply with healthcare industry requirements.
It helps guarantee that these devices are accurately designed, built with appropriate quality controls and have reliable performance.
Devices must undergo assessment to ensure they have appropriate measures in place to safeguard data privacy, prevent unauthorized access, and maintain data integrity.
Certification may require devices to demonstrate compatibility with relevant communication protocols and healthcare information systems.
A huge game changer is that with every change in a program, firmware or patch a IoMT device might face the need to be re-certified again.
Yet those devices plays a critical role in ensuring the reliability, safety and effectiveness of connected healthcare devices, protecting patient well-being and fostering innovation in the healthcare industry.
Additional challenges arise from the fact that a significant number of SCADA devices still operate using default or easily guessable passwords.
The intersection of 5G and IoT for revolutionized healthcare.
Properly securing IoT devices is crucial for various reasons and particularly so in the case of medical and health records.
These malicious activities can compromise the sensitive health data stored in IoT devices, causing disruptions and potential harm to patients.
Organizations that fail to secure their IoT devices may face significant financial implications resulting from data breaches, litigation fees, and regulatory penalties.
Reputational damage is a major consequence of insecure IoT devices in healthcare.
By securing IoT devices, healthcare organizations adhere to industry standards and reduce the risk of legal complications, ensuring compliance with privacy laws and regulations.
This Cyber News was published on blog.checkpoint.com. Publication date: Fri, 05 Jan 2024 13:43:04 +0000