Medical device security has become a much bigger concern for healthcare organizations since ransomware attackers began using vulnerable medical devices in their attack campaigns. At the same time, there has always been industry and regulatory concern about the risks that vulnerable medical devices could posed to patient safety.
Earlier this year, the FDA issued a medical device safety action plan designed to expand its efforts in improving medical device safety, including setting up a CyberMed Safety (Expert) Analysis Board that will include representatives from the FDA and industry.
In her presentation, MITRE Principal Cybersecurity Engineer Julie Connolly will outline the challenges to securing medical devices, some of the consequences of not securing them, and best practices for healthcare organizations to ensure their medical device security.
- Installing a strong firewall;
- Purchasing equipment from a company that can load security applications prior to arrival/distribution to employees;
- Using technology to prevent unauthorized access in case the device is lost or stolen; and
- Updating devices regularly to ensure vulnerabilities are patch and the latest protections are in place.