How weak cybersecurity for medical devices is putting patient lives at risks
Attivo Networks’ Ms. Carolyn Crandall shares significant steps for the healthcare industry to implement in its cybersecurity solutions to reduce risks to patient lives.
In a field where lives are at stake and every second matters, building more accurate models for a wider range of conditions and diagnoses is key, but it also comes with cybersecurity risks that put the privacy and integrity of patient data at risk.
The continuous technological development using AI within the healthcare industry has led to many positive outcomes for patients, saving lives and improving quality of life through new processes and practices for healthcare professionals.
However, Carolyn Crandall, chief deception officer at Attivo Networks, a company that provides detection, analysis and automated responses to in-network threats in real-time, believes there is still some way to go in improving security standards, despite the guidelines set by the Health Insurance Portability and Accountability Act (HIPAA).
She says: “Healthcare environments are incredibly complicated based on the devices they have to secure, the environments they must protect, the lack of vendor support related to security and limited government standards.
“Regulators have put in place guidelines for protecting personal healthcare information but haven’t been as prescriptive in setting minimum standards for medical devices and protection of their networks.”
“This leaves a high degree of latitude in the baseline security that vendors must offer, variable policies on supplier management, and in security operations.”