Patient safety at risk from unsecured healthcare IoT, says Irdeto Research

The Internet of Medical Things is opening up a new world of possibilities to improve upon patient care. However, as the proliferation of connected and complex medical devices grows, care providers are more susceptible to cyberattacks than ever and must ensure IoT security strategies are robust to enable the future of care, according to new research from Irdeto.

Two years on from the crippling WannaCry ransomware outbreak, the Irdeto Global Connected Industries Cybersecurity Survey of 232 security decision makers in organizations in the healthcare sector (700 respondents in total) found that 82% have experienced an IoT-focused cyberattack in the past year. Of the organizations hit by an attack, 30% report experiencing compromised end-user safety, an alarming finding as global care providers fight to ensure the security of care facilities, medical devices and the safety of patients.

The research also found that operational downtime (43%) is the most common impact of a cyberattack, which in itself is likely to compromise patient safety when it comes to providers of critical care. This is followed by compromised customer data (42%) and brand or reputational damage (31%).

It also suggests that healthcare organizations are aware of where the key cybersecurity vulnerabilities exist with their infrastructure, but do not necessarily have everything they need to address them. When asked to identify where the most prominent vulnerabilities exist within healthcare organizations, the IT network was cited most frequently (50%), followed by the mobile devices and accompanying apps (45%) and IoT devices (42%). These findings suggest that network security is no longer enough to prevent significant damage and organizations need to factor security at both the app and device level into their strategy.

In addition, in the healthcare sector, a total of 98% of manufacturers and users of IoT devices state that the cybersecurity of the IoT devices they manufacture or use could be improved either to a great extent or to some extent. In addition to the patient safety issues, failure to address these challenges could prove costly, with the average financial impact as a result of an IoT-focused cyberattack in the healthcare space identified as over $340,000 USD, according to the survey.

“The benefits of connectivity in healthcare are clear for all to see, but this growth in connectivity brings with it an increase in vulnerabilities, with hackers looking to steal sensitive medical data, execute targeted attacks against care providers’ infrastructure and much more,” said Steeve Huin, Vice President of Strategic Partnerships, Business Development and Marketing, Irdeto . “The industry is clearly aware of the cybersecurity issues it faces, and it is now imperative that organizations upskill and implement robust cybersecurity strategies, incorporating device and app security, to ensure patient safety and optimal care, while preventing the extra costs insurance companies must charge as a result of a cyberattack.”

Almost all (rounded to 100%) of the healthcare organizations surveyed agree that a security solution should be an enabler of new business models, not just a cost, which suggests that attitudes towards IoT security are changing for the better as IoT devices proliferate throughout the sector.

Click here to download the full report on the survey results:

https://go.irdeto.com/connected-industries-cybersecurity-survey-report/