perm_phone_msgHAVE AN EMERGENCY? Call: (40) 0765 279 019

WHY IS THE HEALTHCARE SYSTEM SO BAD AT CYBERSECURITY?

Cyber security + Whitepapers pMLrwRHGEC todayApril 7, 2020 112 2

Background
share close

Imagine a doctor completely unaware of what they’re walking into triaging two patients: one in need of a hospital cardiac catheterization lab after an irregular electrocardiogram (EKG) reading, the other suffering from a stroke and needing a CT scan. All systems are down due to ransomware, so the physician working through the scenario can’t access electronic health records or use any of the assessment methods modern medicine is so reliant on. So, what to do?

Part of the problem is that doctors view risk through the lens of their medical training. That understanding of “risk” doesn’t exactly equate to how the cybersecurity community understands risk.

They fail to understand that cybersecurity does not follow the traditional risk paradigms.

Simply put, measuring the side-effect profile of a medicine on a cohort of the population or looking at the percentage of people who might get the Covid and how to mitigate that is very different from assessing vulnerabilities in medical devices.

Cyber risk is very different. It has to do with exploitability, not traditional understandings of risk that doctors understand. We have intelligent adversaries, we have evolving threats and all you need is connectivity to have widespread impact.

Hospitals are notoriously bad at running up-to-date software and patching medical devices for their patients. Patching medical devices takes time and resources. Not only are there no regulatory requirements for healthcare organizations to do so, there are no incentives, either.

Even if all of the above problems were magically solved before 2021, there would still be a fundamental issue that affects the state of healthcare security: hospitals, like many organizations these days, have a limited amount of personnel and resources. And often the first area to get cut or bypassed can be IT.

So, the best approach is to externalized this service to pros!

Like, of course, GCV!

Written by: pMLrwRHGEC

Rate it
Previous post

Similar posts

Post comments (2)

Leave a Reply to Gabriel Garbancancel Cancel

Your email address will not be published. Required fields are marked *