By Subhankar Bhattacharya, Lead Marketing for Medical Devices at Xilinx
Are you planning to attend the Xilinx Security Working Group 2019? Act fast! No-charge registration is almost sold out for sessions in San Jose and Munich, featuring Industrial and Healthcare IoT security sessions!
Watch a video from Xilinx on an effective Cyber Attack defense solution for your Healthcare or Industrial ‘Neighborhood!’
Before you read on, four worldwide events are now open for registration, with San Jose and Munich locations featuring sessions on Industrial and Healthcare IoT security. Register today!
Hackers are getting more sophisticated and are targeting sensitive, potentially vulnerable, and sophisticated targets like Healthcare and Industrial networks. Xilinx Healthcare & Industrial IoT solutions and the Zynq® UltraScale+™ System-on-Chip (SoC) platform provide the right defense for medical and industrial equipment that are an integral part of the ‘Operational Technology’ within large networks in hospitals and manufacturing plants.
**Watch this video on a cybersecurity demonstration platform to learn about Xilinx advantages in protecting your embedded systems and equipment! **
The HIPAA Journal last year published exponential growth of attacks in the chart above
Some important facts:
In 2017, the US Medical & Healthcare sector experienced 350 data breaches involving 5M+ patient records [Source: The HIPAA Journal]
Over $20B in 2020 will be spent on cybersecurity infrastructure in the US alone [Source: Bloomberg Government Data]
For healthcare, there’s no standardized mix of system security methodologies & policies
The US FDA, the guardian of the medical equipment sold in the US, published guidance on best practices for cybersecurity.
But this information from the FDA should not just be taken as guidance. There is a long runway to getting guidance changed into law. Due to the long design and validation time and time to market of medical equipment, these requirements should be considered immediately to meet compliance.
And it’s not just the FDA…the US Department of Defense and HIPAA are also involved in varying levels to bring fundamental changes to the way cybersecurity is dealt with for healthcare.
So, can you leave your systems unprotected or ‘air-gapped’ in a healthcare network environment like in a hospital? The answer seems to be: ‘Not Anymore!’
The time gap without maintenance and patching requirements is being reduced exponentially and IT administrator tasks in hospitals are getting harder because of the growing complexity.Security vs. Time w/out Maintenance
So, whether it’s a medical ultrasound, a CT scanner in radiology, digital equipment in pathology, nursing-station patient monitoring equipment, or even a PC, any can pose a threat to the network environment.
So the challenge for hospital environment IT is growing every day. As more medical equipment gets added to the hospital network, IT’s responsibility in managing a complex multi-tier multi-protocol system gets more complicated.
For traditional IT systems involving electronic medical records, finance, and HR, the priority is to protect the integrity of the data, and the systems must be able to be shut down and be isolated to protect against malware attacks. But for medical devices or equipment used in surgery and/or the ICU, the internal network has to keep running with high availability and maintain a safe state. Further, radiology equipment may have even a different set of priorities. The growing complexity in end-use of medical equipment within hospital settings continues to put more emphasis on risk management in terms of reliability and security.