With the rise of the Internet of Medical Things (IoMT), the healthcare ecosystem is getting smarter – but more vulnerable to cyberattacks, too.
From robotic arms that aid surgeries to wearable or ingestible sensors that pair with your smartphone to monitor your health, connected medical devices are a market in expansion. Smart hospitals are expected to deploy over 7 million IoMT devices by 2026 – more than twice that of 2021, per Juniper Research.
As a subset of the Internet of Things (IoT) in healthcare, the Internet of Medical Things refers to connected healthcare devices and applications. Since medical devices are not designed with security in mind, they are often vulnerable to cyberattacks and have become a growing target of cybercrime.
So you should get prepared.
IDC predicts there will be over 55 billion Internet of Things (IoT) devices by 2025. And it’s concerning that 57% of healthcare security professionals don’t fully understand the risks associated with unmanaged and IoT devices, according to our report on IoT security. There’s even a lack of understanding of what counts as Internet of Things in healthcare:
This knowledge gap hinders hospitals’ ability to implement the right medical device security solution. IoMT devices are often unmanaged and, as such, more vulnerable than managed computers because they cannot be secured with traditional security tools, such as agents and scans.
Trends of digital transformation in healthcare have increased the push for IoMT technology. But while implementing those innovations, it is equally important to build hospital cybersecurity resilience along the way.
Here are four IoMT examples to take into account when identifying your cyber attack surface, that is, all the possible entry points for unauthorized access.
These connected devices could potentially be exploited to malfunction and cause harm to patients. Attackers might also use medical devices as a back door to break into hospital networks. Health data breaches are another concern. A report from the U.S. Government Accountability Office shows that the number of reported breaches involving protected health information (PHI) is increasing yearly, reaching 714 breaches of more than 500 records last year.
The convergence with devices that are not necessarily medical, but are used as such, also expands the attack surface. For example, vendors are using Samsung Galaxy and Raspberry Pi to power medical devices as a way to lower costs. This clinical usage poses a security blind spot, especially if your security tool thinks it’s dealing with a tablet, rather than understanding that it might have, for example, an ultrasound component connected to it.
Traditional IT devices such as printers in doctors’ offices and operational technology (OT) – think of pressure settings for infection control during surgeries – also pose cybersecurity risks. From check-in kiosks to nurse call systems and defibrillators, patients are surrounded by devices throughout their hospital stay. Another example of the pervasiveness of IoT in healthcare is the increased use of surveillance webcams to help protect physicians and nurses from growing workplace violence.
To learn more about healthcare cybersecurity, download our white paper on medical and IoT device security.
Asset visibility is critical not only to increased hospital cybersecurity but also to improved operational efficiency and return on investment (ROI). Hospitals can better understand:
This type of information helps both clinical teams with device utilization trends and cybersecurity personnel with vulnerability management.
For comprehensive device inventory and visibility, your cybersecurity solution needs to identify all assets in your environment (on and off-network), including those that cannot accommodate security agents. The monitoring needs to be continuous and passive because scans are disruptive and can cause devices to crash.
The Armis platform can do that, and more. Armis discovers, classifies, and provides additional context about each asset. A comprehensive device inventory generates information such as category, manufacturer, FDA classification, operating system version, installed applications, connections, activities, risk factors, and more.
Armis can understand not only what the device is and what it is doing, but also what it should be doing. Armis compares real-time device activity to historical behavior and baselines stored in our Collective Asset Intelligence Engine — the world’s largest device knowledgebase, tracking over two billion assets and growing. Real-time monitoring is critical to detect threats and trigger proactive incident remediation.
Ready to make the most of your IoMT devices while minimizing risks to patient care? Request a custom demo and discover all Armis can do for your health delivery organization.
Attack surface refers to all possible entry points where a security breach could happen. Attack surface management is the process of continuously discovering, mapping, and monitoring those entry points, and then prioritizing measures to prevent breaches.
The U.S. Food and Drug Administration (FDA) is responsible for regulating medical devices. The agency:
– Establishes specific requirements for what counts as a medical device.
– Classifies medical devices into three classes based on their degree of risk.
– Evaluates the safety and efficacy of medical devices.
The FDA’s latest draft guidance for cybersecurity in medical devices outlines recommendations when it comes to device design, labeling, and documentation for premarket submission.
The document emphasizes the general principle that cybersecurity is part of device safety. The FDA understands device security as a device’s ability to meet objectives such as integrity, confidentiality and timely patchability.