Healthcare IoT and medical device cyber security specialist, Cylera, has formed its first Advisory Council, bringing together world leaders in cyber security to share insight and drive innovation to help tackle the myriad of security challenges facing today’s rapidly-digitalising healthcare sector.
As a critical infrastructure, healthcare remains a top target for cyber criminals, with access to rich patient data and a potential to cause significant damage and disruption to patient care.
And this threat is ever greater with rising geopolitical tensions and potential state-sponsored attacks.
With the sector planning further digital investment, tens of thousands more devices will join the IT networks, many of which could be a security risk, expanding a hospital’s attack surface for threat actors to exploit
Figures from IBM show that last year 81% of UK healthcare organisations experienced a ransomware attack, with patient in-person appointments having to be cancelled as a result for two thirds of these organisations.
And 65% admitted that a cyber attack could increase patient mortality rates, with the average cost of a data breach in the global healthcare sector amounting to £7.9m last year.
Complex environments
Timur Ozekcin, chief executive of Cylera (pictured left), said: “Healthcare is undergoing a particularly-dramatic digital transformation, with accelerated spend in IoT expected to reach $54billion by 2029.
“Already medical devices account for more than 30% of connected endpoints at hospitals, with devices ranging from X-rays and CT machines, mobile ultrasound machines, radiotherapy and chemotherapy devices, plus online building systems and CCTVs.
It is mission critical for hospitals to have visibility of their attack surface and therefore visibility into all connected assets to help secure their organisations
“Also, the number of remotely-monitored patients has risen sharply in the past couple years, with connected environments becoming increasingly more complex in healthcare.
“And, with the sector planning further digital investment, tens of thousands more devices will join the IT networks, many of which could be a security risk, expanding a hospital’s attack surface for threat actors to exploit.
Meeting the challenge
“Remote user access, unsegmented and potentially-unmanaged networks, legacy operating systems, and limited visibility into IoT device risks are just some of the security challenges keeping healthcare leaders and heads of hospital IT awake at night as they try to navigate the complexities of today’s interconnected device landscape.”
The Cylera Cybersecurity Advisory Council is made up of select members and involves CISOs, CIOs, and CTOs from major healthcare providers and hospitals, along with private sector companies.
The council will meet at least four times a year to share best practice, insight, and to address and tackle the unique security challenges of increasing-complex interconnected healthcare systems.
One of the council members, Brian Tschinkel, CISO at Weill Cornell Medicine, a leading academic health system in New York, said: “Cyber threats to the healthcare sector are among the most sophisticated and targeted across any industry.
With increasing digitalisation and rapid adoption of IoT devices across every industry, it’s imperative to stay ahead of the cyber security risks to the connected devices that make up our new cyber-physical environments
“Healthcare networks are incredibly complex, with interconnected medical and IoT devices that caregivers rely on to deliver the highest level of care to their patients.
Visibility of assets
“It is mission critical for hospitals to have visibility of their attack surface and therefore visibility into all connected assets to help secure their organisations.
“I look forward to advising Cylera to help stay ahead of future cyber security challenges.”
The council will also guide Cylera in its global expansion plans and the latest innovations to its IoT device cybersecurity and intelligence platform.
“Cylera is at the forefront of IoT cyber security,” said Tomás Maldonado, CISO at the National Football League (NFL) and Cylera Advisory Council member.
“With increasing digitalisation and rapid adoption of IoT devices across every industry, including sports and entertainment venues, it’s imperative to stay ahead of the cyber security risks to the connected devices that make up our new cyber-physical environments.
“I’m delighted to be working through the Advisory Council to help shape the future of Cylera on its mission to safeguard our connected world.”
