Medical devices are increasingly interesting to hackers as this life-saving equipment joins the internet of things (IoT) ecosystem. More than one-third (35.6%) of surveyed professionals within that ecosystem said their organizations experienced a cybersecurity incident in the past year.
According to a
Deloitte & Touche poll, identifying and mitigating the risks of fielded and legacy connected devices presents the industry's biggest cybersecurity challenge (30.1%).
"It's not surprising that managing cyber-risks of existing IoT medical devices is the top concern facing manufacturers, providers and regulators," said Russell Jones, Deloitte Risk and Financial Advisory partner at Deloitte. "Legacy devices
can have outdated operating systems and may be on hospital networks without proper security controls.”
He added, “Connected device cybersecurity can start in the early stages of new device development, and should extend throughout the product's entire lifecycle; but even this can lead to a more challenging procurement process. There is no magic-bullet solution."
Additional cybersecurity challenges that connected medical devices presented to respondents included embedding vulnerability management into the design phase of medical devices (19.7%), monitoring and responding to cybersecurity incidents (19.5%), and lack of collaboration on cyber-threat management throughout the connected medical device supply chain (17.9%).