How healthcare providers are getting IoT security wrong
More than 90 percent of healthcare IT networks have IoT devices connected to them, but those devices may not be properly protected according to a new study.
The survey by IoT security solutions company ZingBox shows that over 70 percent believe that the traditional security solutions used to secure laptops and servers are sufficient to secure IoT connected medical devices.
"The survey results demonstrate the current state of confusion and misconceptions abound in the healthcare industry on how best to secure connected medical devices. The need to gain a deeper understanding of the unique individual personalities of IoT devices remains a foreign concept to many. Unfortunately, you need to understand the device personalities to gain accurate visibility and protection," says Xu Zou, CEO and co-founder of ZingBox. "IoT technology presents special challenges to a healthcare organization’s ability to protect itself from both insider threats as well as external cyber-attacks across a wide range of attack vectors, as demonstrated by the most recent WannaCry ransomware and NotPetya wiperware attacks. As these attacks continue to step to the forefront, companies deploying IoT devices need to be more cognizant than ever of their security measures."
In addition the findings show that 76 percent of IT decision-makers within healthcare organizations are confident or very confident that all devices connected to their network are protected. Although they're using security techniques intended for servers and endpoints, IT staff at healthcare organizations believe they can detect irregularities in network traffic and detect when equipment like infusion pumps or glucometers are not behaving as intended.
"The results of the survey were sobering in terms of the risks the healthcare community faces," says May Wang, CTO and co-founder of ZingBox. "This is a tremendous opportunity to raise awareness of healthcare organizations regarding their perception of security and their need to consider modern techniques such as cloud, machine learning and real-time remediation across an organization's entire IoT footprint. IoT requires a more thorough approach to constantly monitor for deviations in behavior and provide alerts for suspicious behavior."
You can find out more about protecting IoT devices on the ZingBox site.
Image Credit: everything possible / Shutterstock