Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable Blog

Subscribe

Cybersecurity Implications of IoT Innovation with the Healthcare Industry

The Internet of Things has the potential to revolutionize the world, including healthcare. But doctors, hospitals and medical experts might want to pause before adopting this technology and evaluate the cybersecurity challenges.

The commitment for the Internet of Things (IoT) in the healthcare sector is staggering. Recently a study from MarketResearch.com predicted that by 2020, the IoT market in the healthcare sector will reach $117 billion, expanding at a rate of 15 percent per year.

IoT refers to the networking of sensors and other devices to enable machine-to-machine communication. Because it can create a global web of IP-addressable devices that are often not regularly monitored or managed, this can greatly expand an enterprise’s threat surface.

The IoT’s intelligence, accessibility and ability to scale are not only its strengths, but also its weaknesses. According to Accenture Technology, the IoT can increase production, boost innovation and reshape the current business landscape. But this might come at the cost of cybersecurity.

Benefits and challenges

Within healthcare, the lifesaving potential of this technology makes its rapid adoption virtually irresistible. Networked devices can monitor conditions and notify healthcare providers, patients and loved ones of changes. Problems can be identified and controlled remotely. Appointments and procedures can be scheduled automatically, and records kept up-to-date and accessible to those who need them.

Networked devices can monitor conditions and notify healthcare providers, patients and loved ones of changes

Philips, a company best known for light bulbs and personal hygiene, has created a healthcare subsidiary to create a new generation of medical sensors.

“Phillips recently created a pillbox that pops open when it’s time to take your meds, and sends a message to, say, a family member or nurse confirming that you’ve taken them.” –The Globe and Mail

The example of an IoT pillbox, as helpful as it is, is only the tip of the iceberg for how beneficial IoT in healthcare can get:

  • Sensors like the ones used by neonatal units to monitor premature infants can be placed directly on the skin on home patients, along with high-definition cameras to monitor skin color, breathing and temperature, and alert nurses of any changes.
  • Smart beds now being used at New York Presbyterian Hospital can tell immediately if a patient has gotten up, and let the nursing station know.
  • Fitness trackers like the FitBit, Apple Watch, and others, which surpassed $2 billion in revenue, not only measure heart rate, sleep patterns, diet, and exercise but soon could be integrated with health care providers to track recovering or high risk patients.
  • Fitness trackers can also integrate with insurers to provide discounts. “U.S. insurer John Hancock (a subsidiary of Manulife) is offering clients up to 15% off premiums if they willingly hand over data that proves they lead a healthy lifestyle.” –The Globe and Mail

A recent CIO.com article cited three factors in the upward trend of IoT devices in healthcare:

  • Chances are you already have one. Consumer devices based on the IoT concept include the Apple Watch, fitness trackers and other commercially sold wearables.
  • They are getting less expensive. Sensors, a key component of IoT, will cost an average of $0.38 in 2020 as compared to $0.50 today.
  • They’re becoming standardized. The IPSO Alliance brings together companies such as Google, Cisco, Intel and Oracle to create standards and support “Smart Objects” technology.

Despite its widespread adoption in healthcare, this astronomical growth of unprotected devices and data could be a heart attack waiting to happen for the healthcare industry. Recent events such as the ransomware attacks against several prominent hospitals show that medical centers are high profile targets for hackers and online criminals.

Within healthcare, the lifesaving potential of this technology makes its rapid adoption virtually irresistible

The solution

Using the IoT safely in healthcare is not necessarily difficult. Good communication, appropriate protocols, mapping and isolating IoT devices and vulnerability management and analytics can help the healthcare industry protect patients and their networks.

Communication: Hospitals and healthcare providers must communicate with each other and their patients to ensure that risks are understood and mitigated. For example, a doctor or hospital will never call to ask for personal information to “access” or “fix” medical records or devices.

Island of IoT devices: Access to networked medical devices must be effectively controlled, and access by devices to other accounts and systems must be limited.

Keep your protocols and processes tight: Protocols and processes on networked equipment should not be enabled by default. Enabling only those that are necessary can help prevent intruders from gaining access to and control over your resources.

Know your metrics and where you’re vulnerable: IoT is about data and rapid interaction between devices, and something like the Tenable SecurityCenter Continuous View™ solution, which consolidates and evaluates vulnerability data across your organization, can prioritize security risks and provide a clear view of an organization’s security posture. It offers pre-built, highly customizable dashboards and reports which can help organizations visualize, measure and analyze the effectiveness of their security program regardless of their infrastructure.

The healthcare industry’s commitment for the Internet of Things (IoT) is staggering, but the cybersecurity implications don’t have to be. Learn more about how SecurityCenter Continuous View can help better protect your organization from cybercrime.

Related Articles

Are You Vulnerable to the Latest Exploits?

Enter your email to receive the latest cyber exposure alerts in your inbox.

tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable.io Vulnerability Management trial also includes Tenable Lumin, Tenable.io Web Application Scanning and Tenable.cs Cloud Security.

tenable.io BUY

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today.

NEW - Nessus Expert Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Professional Trial.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Select Your License

Buy a multi-year license and save.

Add Support and Training

Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable.io Vulnerability Management trial also includes Tenable Lumin, Tenable.io Web Application Scanning and Tenable.cs Cloud Security.

Tenable.io BUY

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Buy Now

Try Tenable.io Web Application Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web Application Scanning trial also includes Tenable.io Vulnerability Management, Tenable Lumin and Tenable.cs Cloud Security.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578

Buy Now

Try Tenable.io Container Security

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Try Tenable Lumin

Visualize and explore your Cyber Exposure, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable.io Vulnerability Management, Tenable.io Web Application Scanning and Tenable.cs Cloud Security.

Buy Tenable Lumin

Contact a Sales Representative to see how Lumin can help you gain insight across your entire organization and manage cyber risk.

Try Tenable.cs

Enjoy full access to detect and fix cloud infrastructure misconfigurations and view runtime vulnerabilities. Sign up for your free trial now. To learn more about the trial process click here.

Your Tenable.cs Cloud Security trial also includes Tenable.io Vulnerability Management, Tenable Lumin and Tenable.io Web Application Scanning.

Contact a Sales Rep to Buy Tenable.cs

Contact a Sales Representative to learn more about Tenable.cs Cloud Security and see how easy it is to onboard your cloud accounts and get visibility into both cloud misconfigurations and vulnerabilities within minutes.

Try Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Select Your License

Buy a multi-year license and save more.

Add Support and Training