Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

Cybersecurity Implications of IoT Innovation with the Healthcare Industry

The Internet of Things has the potential to revolutionize the world, including healthcare. But doctors, hospitals and medical experts might want to pause before adopting this technology and evaluate the cybersecurity challenges.

The commitment for the Internet of Things (IoT) in the healthcare sector is staggering. Recently a study from MarketResearch.com predicted that by 2020, the IoT market in the healthcare sector will reach $117 billion, expanding at a rate of 15 percent per year.

IoT refers to the networking of sensors and other devices to enable machine-to-machine communication. Because it can create a global web of IP-addressable devices that are often not regularly monitored or managed, this can greatly expand an enterprise’s threat surface.

The IoT’s intelligence, accessibility and ability to scale are not only its strengths, but also its weaknesses. According to Accenture Technology, the IoT can increase production, boost innovation and reshape the current business landscape. But this might come at the cost of cybersecurity.

Benefits and challenges

Within healthcare, the lifesaving potential of this technology makes its rapid adoption virtually irresistible. Networked devices can monitor conditions and notify healthcare providers, patients and loved ones of changes. Problems can be identified and controlled remotely. Appointments and procedures can be scheduled automatically, and records kept up-to-date and accessible to those who need them.

Networked devices can monitor conditions and notify healthcare providers, patients and loved ones of changes

Philips, a company best known for light bulbs and personal hygiene, has created a healthcare subsidiary to create a new generation of medical sensors.

“Phillips recently created a pillbox that pops open when it’s time to take your meds, and sends a message to, say, a family member or nurse confirming that you’ve taken them.” –The Globe and Mail

The example of an IoT pillbox, as helpful as it is, is only the tip of the iceberg for how beneficial IoT in healthcare can get:

  • Sensors like the ones used by neonatal units to monitor premature infants can be placed directly on the skin on home patients, along with high-definition cameras to monitor skin color, breathing and temperature, and alert nurses of any changes.
  • Smart beds now being used at New York Presbyterian Hospital can tell immediately if a patient has gotten up, and let the nursing station know.
  • Fitness trackers like the FitBit, Apple Watch, and others, which surpassed $2 billion in revenue, not only measure heart rate, sleep patterns, diet, and exercise but soon could be integrated with health care providers to track recovering or high risk patients.
  • Fitness trackers can also integrate with insurers to provide discounts. “U.S. insurer John Hancock (a subsidiary of Manulife) is offering clients up to 15% off premiums if they willingly hand over data that proves they lead a healthy lifestyle.” –The Globe and Mail

A recent CIO.com article cited three factors in the upward trend of IoT devices in healthcare:

  • Chances are you already have one. Consumer devices based on the IoT concept include the Apple Watch, fitness trackers and other commercially sold wearables.
  • They are getting less expensive. Sensors, a key component of IoT, will cost an average of $0.38 in 2020 as compared to $0.50 today.
  • They’re becoming standardized. The IPSO Alliance brings together companies such as Google, Cisco, Intel and Oracle to create standards and support “Smart Objects” technology.

Despite its widespread adoption in healthcare, this astronomical growth of unprotected devices and data could be a heart attack waiting to happen for the healthcare industry. Recent events such as the ransomware attacks against several prominent hospitals show that medical centers are high profile targets for hackers and online criminals.

Within healthcare, the lifesaving potential of this technology makes its rapid adoption virtually irresistible

The solution

Using the IoT safely in healthcare is not necessarily difficult. Good communication, appropriate protocols, mapping and isolating IoT devices and vulnerability management and analytics can help the healthcare industry protect patients and their networks.

Communication: Hospitals and healthcare providers must communicate with each other and their patients to ensure that risks are understood and mitigated. For example, a doctor or hospital will never call to ask for personal information to “access” or “fix” medical records or devices.

Island of IoT devices: Access to networked medical devices must be effectively controlled, and access by devices to other accounts and systems must be limited.

Keep your protocols and processes tight: Protocols and processes on networked equipment should not be enabled by default. Enabling only those that are necessary can help prevent intruders from gaining access to and control over your resources.

Know your metrics and where you’re vulnerable: IoT is about data and rapid interaction between devices, and something like the Tenable SecurityCenter Continuous View™ solution, which consolidates and evaluates vulnerability data across your organization, can prioritize security risks and provide a clear view of an organization’s security posture. It offers pre-built, highly customizable dashboards and reports which can help organizations visualize, measure and analyze the effectiveness of their security program regardless of their infrastructure.

The healthcare industry’s commitment for the Internet of Things (IoT) is staggering, but the cybersecurity implications don’t have to be. Learn more about how SecurityCenter Continuous View can help better protect your organization from cybercrime.

Related Articles

Cybersecurity News You Can Use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

100 assets

Choose Your Subscription Option:

Buy Now

Try Tenable Web App Scanning

Formerly Tenable.io Web Application Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Formerly Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training