TRENDING:

Medical Device Security: Key Steps

Researcher Calls for a Collaborative Effort Marianne Kolbasuk McGee (HealthInfoSec) • February 24, 2014     5 Minutes   
Medical Device Security: Key Steps
Ryan Kastner
Improving the security of medical devices requires the collaboration of healthcare organizations, manufacturers, regulators and patients, says researcher Ryan Kastner, who outlines action items.

"It relies on a bunch of different communities coming together - the doctors, the patients, the developers of the devices and the people writing the software and building the hardware. They all need to come together to talk about what are the issues, and how we can build more secure devices," says Kastner, a professor in department of computer science and engineering at the University of California, San Diego.

For starters, healthcare organizations need to make it clear to medical device makers that "we want a secure device and are willing to pay more for a device that is more secure," he says in an interview with Information Security Media Group at the 2014 HIMSS Conference in Orlando.

Those kinds of conversations are just now beginning to occur, he notes, after many years when security of medical devices was not a top priority of healthcare organizations or patients. The emergence of networked medical devices that connect to the Internet is building awareness and concern about potential cyberthreats and vulnerabilities, he adds.

Medical devices manufacturers must take the initiative to enhance security testing, including coming up with new threat models that reflect emerging cybersecurity concerns for the various scenarios in which the products are used, he says.

"There are tools out there that can do that, but even if you have the perfect tools, you need to come up with the right scenarios in order to know the sort of threats there are," he says.

In the interview, Kastner also discusses:

  • Why the security of medical devices is a growing concern;
  • Why some devices are more vulnerable than others;
  • Suggestions for how government regulators can help bolster medical device security.

At University of California, San Diego, Kastner researches embedded system design, in particular, the use of reconfigurable computing devices for digital signal processing as well as hardware security. He is the co-director of UCSD's Wireless Embedded Systems Master of Advanced Studies Program. He holds a PhD in computer science from University of California, Los Angeles.

Additional Summit Insight:
Hear from more industry influencers, earn CPE credits, and network with leaders of technology at our global events. Learn more at our Fraud & Breach Prevention Events site.

Previous
Cyberthreat Protection Evolves
Next
The Evolving Threatscape



Around the Network

Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
Why Health Firms Struggle with Cybersecurity Frameworks
Why Health Firms Struggle with Cybersecurity Frameworks
Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.