Government infrastructure won’t be the only new source of an attack that reaches tomorrow’s headlines. I also predict that a major hospital will face a HIPAA violation for using an unsecured smart medical device. Hospitals have a lot to gain from deploying the IoT for crucial data/insights to improve patient care, but so do hackers. They’re already targeting connected MRI machines, CT scanners and dialysis pumps to steal patient medical data, which is worth more than twice as much as financial information on the black market. While the FDA already recognizes that cybersecurity/HIPAA compliance is an important issue, it is not certain they get practices ready in time to prevent a major breach. And more important than data, there’s an ever-increasing chance that an IoT attack will put lives at risk if it can cause a shutdown of needed medical services.
How will hospitals fight back? The best prepared ones will do so by adopting improved security practices such as: password management, policies to ensure all devices are up to date/passwords get changed, network segmentation, software-defined network overlays with security built in and improved data management policies. Vital to ensuring that these practices get used successfully will be administrators that make them part of the hospital’s workplace culture.
Comments
Post a Comment