Healthcare CTO

Medical Information Security & Medical Imaging Encryption

Securing networks from outside threats and periodically evaluating these tools and alerting mechanisms has become commonplace in most organizations. It is reassuring to see that external threats have gained the attention of hospital boards and that additional support is being put behind data security. With the continuing instances of breaches and ransomware attacks that are reported, the process of effectively protecting an organization remains complicated.

Cybersecurity attacks often start in one area of the network, typically by compromising an individual’s account, then taking advantage of a vulnerability to elevate privileges of the compromised account. Using the elevated privileges, the attack propagates laterally through the network, compromising other vulnerable systems. If effective controls are not present, these attacks can interrupt all access to information systems critical to provide proper care to patients.

Medical devices are uniquely at risk of this type of compromise, making them targets of information exposure, data exfiltration and use as launch points for further infiltration by malicious persons.1 The processes put in place by the Food and Drug Administration to protect the clinical aspects of these devices have not been able to keep pace with changes in today’s security protocols and recommended practices, making these network-attached devices potential targets.

The avenues of compromise are a legitimate concern to caregivers and have created opportunities for newcomers to fill this gap not currently addressed by “traditional” security technology companies. Medical device security, often referred to as “Internet of Medical Things” (IoMT) security companies, have taken on the challenge to create products that can identify compromised devices and protect them and their information.

Information Security professionals will often prefer integrated security products over point solutions to provide broader spectrum of protection to reduce security gaps, complexity, and expense. While most IoMT security products can operate independently, most are intended to integrate with popular security and network tools and enhance their effectiveness by expanding their capabilities to include medical and other IoT devices.

If your organization has not begun to look into IoMT security technologies, you may be falling behind. ePlus can help your network, security and biomedical teams identify the most appropriate solution for your environment.

1 “Hospital viruses: Fake cancerous nodes in CT scans, created by malware, trick radiologists,” The Washington Post, April 3, 2019, https://www.beckershospitalreview.com/cybersecurity/hospital-malware-attacks-from-within-exposes-need-to-encrypt-medical-imaging.html?origin=cioe&utm_source=cioe

Comments

Load more comments
Thank you for the comment! Your comment must be approved first
* Required
comment-avatar

Ready To Begin? Contact Us Today.

Request A Presentation