Per a new Gartner Research Note, by 2020 more than 25 percent of identified attacks in healthcare organizations will involve the Internet of Things (IoT). Two things that might be hard to believe: 1) The year 2020 is less than three years away. 2) There’s a common misconception that IoT is just a consumer issue. While IoT can provide lots of streamlining, big data and efficiency in operations, it can also create a whole host of issues for both consumers and enterprises. Healthcare is an interesting intersection where unprotected IoT can affect both patients and hospitals.
Check out the list of IoT healthcare devices. All of these devices that connect to the hospital network can create an entry point for attackers to easily break in to access, steal or ransom sensitive data, such as employee records, financial information and patient files (which have strict HIPAA regulations).
The new Gartner Research Note, entitled Healthcare Provider CIOs Need to Address IoT’s Security Risks Now, provides recommendations for how to address these security risks. My top two favorites are:
- Mitigate IoT security risks by using a blended approach that includes security methods taken from mobile, cloud, industrial control, automation and physical security.
- Redefine device security strategy to address new types of vulnerabilities introduced by IoT infrastructures by including embedded trust, device identities/credentials and real-time visibility and control.
At Forescout, we talk about the importance of visibility and control and are thrilled to see Gartner talking about it too. I encourage you to take a deeper dive into the Gartner report for guidance on how to secure your connected healthcare environment.
For more information, check out:
- Gartner Healthcare IoT Research Note
- Forescout’s Approach to Securing Healthcare
- RWJBarnabus Healthcare Webinar
- Forescout’s Healthcare Solutions Brief