By Dr. Vinay Sridhara
Few technology trends are growing as fast as the Internet of Things or IoT, but incredible IoT growth can also represent an organization’s worst cybersecurity nightmare if not properly handled.
In fact, many organizations that utilize IoT devices are finding they may not have the necessary security measures in place to monitor for device vulnerabilities and potential breaches. While a recent KPMG survey of 750 tech leaders predicts that IoT will lead to the next indispensable technology, a Ponemon Institute and Shared Assessments survey suggests that 76% of risk professionals believe that cyber-attacks are likely to be executed through an organization’s IoT devices.
When it comes to medical IoT devices, the consequences are especially chilling for both patients and healthcare professionals. Simply put – more connected medical devices mean more attack vectors and greater exposure to attack.
Current use of healthcare IoT devices
Quest Imaging Solutions provides all major brands of surgical c-arms (new and refurbished) and carries a large inventory for purchase or rent. With over 20 years in the medical equipment business we can help you fulfill your equipment needs
IoT devices can communicate with each other, and can be remotely monitored and controlled. The healthcare industry has benefitted from IoT technology, allowing for better connectivity between medical personnel and their patients via sensors, wearables, and even equipment like wheelchairs and oxygen pumps.
Recently, we have seen an increase in attacks on these devices from rogue hackers and bots. According to the 2020 IoT Threat Report from Palo Alto Networks' Unit 42 threat security team, "as many as 83% of Internet-connected medical imaging devices are vulnerable. Many medical devices run legacy appliances and software, causing them to be out of date and thus more susceptible to attackers to exploit vulnerabilities.
Protecting IoT devices
While medical connectivity is a must in today’s world, healthcare organizations need to ensure they are protecting ALL of their IT assets, including IoT devices. Specifically, this means organizations must implement security solutions that scan and monitor their owned and managed IT assets and all third-party systems to detect vulnerabilities that could be exploited.
To properly defend tens or hundreds of thousands of assets, of all types, across hundreds of different attack vectors, an organization must be able to gather data from a wide variety of assets continuously. The problem is that IoT devices are not always tracked by traditional cybersecurity tools and are either left undiscovered or partially tracked by a collection of standalone tools.