The healthcare Internet of Things: Promise and Risks

Exposed Devices and Supply Chain Attacks: Overlooked Risks in Healthcare Networks (Trend Micro)

“We discovered exposed medical systems — including those that store medical-related images, healthcare software interfaces, and even misconfigured hospital networks — which should not be viewable publicly. While a device or system being exposed does not necessarily mean that it is vulnerable, exposed devices and systems can potentially be used by cybercriminals and other threat actors to penetrate into organizations, steal data, run botnets, install ransomware, and so on. Furthermore, it shows that a massive amount of sensitive information is publicly available when they shouldn’t be.”

The article linked above and the companion Trend Micro blog post, along with the entire 61 page pdf report (available here) do a really good job of covering the range of threats confronting healthcare networks today.

The internet of things (IoT) offers so much of benefit — remote monitoring, diagnosis, collaboration, home healthcare, devices, etc. — to healthcare providers and patients that it is inconceivable that it will be abandoned. There are, however, significant privacy and health outcome risks associated with putting practically every software application, sensor, device and record within reach of the internet.

How large healthcare providers harness the IoT for better care delivery while minimizing the associated risks will go a long way toward sorting out the winners and losers in the business of healthcare.

Cyber security, identity assurance, and training are of critical importance if the promise of the healthcare IoT is to be kept for healthcare providers and patients alike.

Security integrators and IT professionals in the IoT era

Role Of Security Integrators In The Internet Of Things Era (Source Security)

Networking IoT devices may seem like an information technology (IT) function, typically handled by a chief information officer (CIO). However, says Martens, CIOs will be preoccupied with complex issues far beyond physical security. Therefore, identifying where IoT sensors are placed, how they are managed and how they interact will fall to facility managers. And they will depend on their security integrators’ expertise more than ever.

Technology is pushing the security and IT functions closer together, most obviously because they are increasingly provided over the same infrastructures. There’s a lot of good insight at the link.