Ransomware Cost Hospitals Nearly $21B Last Year. How Protected Are You?
Today, as computing power and wireless capabilities improve, organizations are increasingly leveraging Internet of Medical Things (IoMT) technologies, such as internet-connected blood pressure monitors, continuous glucose monitors and MRI scanners. These tools, with their ability to collect, analyze and transmit health data, improve efficiencies, lower care costs and drive better patient outcomes.
However, according to a recent study on the state of healthcare IoT and IoMT devices, almost 80% of these devices are used so frequently that hospital security has little time to analyze them for risks and attacks, apply the latest patches and carry out segmentation to protect the devices on the network.
That’s a major problem, adding up to nearly $21 billion in ransomware costs in 2021.
Cybersecurity IoT and IoMT challenges
Hospital and healthcare organizations have been increasingly targeted for cybersecurity attacks, especially ransomware attacks that cripple networks and endanger patient safety. These attacks have gotten more sophisticated and have targeted older IoT devices, not just traditional devices like mobile devices and laptops, but things like older MRI machines and IV pumps.
IV pumps are the most common healthcare IoT device and possess the lion’s share of risk. The ubiquitous IV pump makes up 38% of a hospital’s typical healthcare IoMT footprint, and a whopping 73% of those IV pumps have a vulnerability that would jeopardize patient safety, data confidentiality or service availability if it were to be exploited by an adversary.
As IoMT and IoT devices are everywhere, hospitals and healthcare organizations are prime targets because 1) they typically don’t have visibility into the risk of these devices, 2) they don’t know the number of IoT devices they have, and 3) they lack a comprehensive solution to address risk and protect IoT devices.
Protecting hospital IoT and IoMT devices
The first step to protecting hospital IoT and IoMT devices is identifying and fixing vulnerable devices, as 53% of IoMT and IoT devices contain critical risks. For example, a third of bedside healthcare IoMT devices, the devices closest to patient care and vital to optimal health outcomes, have an identified critical risk.If any of these devices were attacked, patient safety, service availability or data confidentiality could be severely impacted, either directly or as part of an attack's collateral damage.
Second, it’s vital to ensure the alignment of stakeholders, as devices fall under different teams within hospital organizations. These teams need to cohesively identify and fix all the vulnerable endpoints within their environment, and not just a portion of them.
And third, you must work to increase the urgency level to secure these devices now to meet the cybersecurity goals of the company. Waiting until an asset inventory is completed is no longer an option, as it will most likely prove too late.
The solution: Ivanti Neurons for Healthcare
The good news is there is a solution in the market that can address these challenges – Ivanti Neurons for Healthcare.
Ivanti Neurons for Healthcare delivers the complete picture of IT across healthcare facilities by discovering and intelligently profiling medical devices and the Internet of Medical Things (IoMT), assessing security risks, reporting threats and reconciling device information across multiple data sources. Most importantly, this solution can segment the entire device fleet to help with the troubleshooting process as well as not jeopardize patient safety, patient info, or clinical workflows.
If you’re interested in learning more, click here.
And if you’re in the Miami Beach area March 6-9th, come see a live demo/presentation in the AT&T Healthcare booth #902 at the VIVE Show. We will also have a live demo/presentation at the HIMSS Show on March 13-18th in Orlando, FL in the AT&T Healthcare booth #2659. We look forward to continuing the discussion.