Intelligent Health.tech Issue 07 | Page 19

H E A L T H I N S I G H T S
Without a suitable cybersecurity incident plan and software backup solution , healthcare organisations run the danger of losing patient data , having an adverse impact on patient care and safety and having their brand name damaged . All employees should be aware of their role and place within this plan .
6 . Crisis Simulation Training – Once your incident response plan is in place testing this through a Crisis Simulator is recommended . Crisis Simulators are training exercises in which fake crisis scenarios are presented ; for example , a ransomware attack , to assess employees ' capacity to adhere to their incident response plan religiously and respond to a crisis successfully .
Richard Staynings , Chief Security Officer at Cylera
Cybersecurity training should be performed regularly to ensure staff are up to date with the latest developments in the field . Health facilities should regularly review and identify knowledge gaps among staff to provide pertinent and effective training .
Since many healthcare professionals regularly interact with these devices , their actions are therefore crucial to the prevention of cybercrime . They serve as the patient safety ' s eyes and ears , managing and keeping a watch on crucial medical and other IoT devices needed to diagnose , monitor , manage and treat patients .
Most medical devices are employed in hospitals and clinics , but since COVID-19 , the number of remotely monitored patients has risen . There ’ s an increasing number of traditional and wearable devices sent home with patients , allowing care teams to monitor patients remotely from their homes . This means more systems communicating back to hospitals across the Internet and a greater attack surface for cybercriminals to exploit .
Securing medical devices
With so many medical devices now connecting to the network , how can the industry secure them ?
The inventory , risk analysis and risk remediation of hospital IoT ( HIoT ) linked devices can now be dynamically automated by cybersecurity providers using compensating security measures thanks to
advances in next-generation of IoT security technologies . Artificial Intelligence ( AI ), Machine Learning ( ML ) and DigitalTwin technology are used to achieve this . With the aid of current network access control ( NAC ) tools , these technologies enable highly precise analysis and identification of discrete systems , passive risk assessment of frequently delicate life-sustaining equipment and can be seamlessly integrated and automated into the network .
This is an excellent illustration of how cutting-edge security tools are being used to mitigate new risky medical equipment . As many HIoT devices cannot be updated with security patches , medical device ‘ enclaving ’ or ‘ network segmentation ’ acts as an efficient form of remediation , lowering threats to patients and the medical network . Regulators often allow this compensatory security measure , which enables the ongoing safe use of otherwise end-of-life medical devices .
To protect against the growing threat of cyberattacks , what is required is a combination of people , processes and technology . Advances in AI-based cybersecurity tools mean healthcare organisations can now automate the entire security process , through a progression of asset identification , risk analysis , profiling and improved medical device management . However , you ’ re only as secure as your weakest link and medical staff members are a critical factor in keeping healthcare cybersecure and protecting what matters most – patient care . �
www . intelligenthealth . tech 19