Cybersecurity's next big threat? MedSec VP of research says connected devices

  • Small
  • Medium
  • Large

Stephanie Domas, vice president of research at MedSec, a cybersecurity risk management provider in Miami, discusses cyberattacks on connected medical devices and the preventative actions health systems can take.

Responses have been lightly edited for clarity and length.

Question: How is technology keeping up with changes in the healthcare landscape in terms of cybersecurity?

Stephanie Domas: The healthcare industry is truly unique in its cybersecurity challenges, namely concerns regarding patient harm and the value and sensitivity of patient data. Because of this, healthcare-specific expertise and solutions are needed, and people such as me, and companies such as MedSec, are making great strides but still working hard to mature in these areas. Many of the cybersecurity concerns plaguing healthcare are not unique to healthcare; threats such as commodity malware, phishing and ransomware are ubiquitous across all industries. And while these problems aren't solved, there are best practices and tools out there that can be leveraged.

Q: What do you see as the next big cybersecurity threat hospitals should look out for?

SD: Connected medical devices are the next big threat. These devices make up 15 percent to 20 percent of the network endpoints in a hospital network, yet traditional IT vulnerability management and asset management tools don't work to monitor and secure them. Even medical devices that are cybersecure one day can become vulnerable the next day because of delayed software updates and new threats. This leaves an increasing gap in hospital defenses that attackers are targeting and will continue to target.

Q: Can you share some of your thoughts on cyberattacks on patient medical devices? Is this a threat hospitals should be prepared for, and what is the best way to do so?

SD: Attackers are smart; they will not attempt to take down your hardened systems when they can instead go after a hospital's weakest link. In many cases this could be a medical device — there are hundreds, if not thousands on a typical hospital network. Hospitals need to accept that their traditional IT security policies and security tools don't work for connected medical devices. The uniqueness of the clinical workflow, and the criticality of not disrupting a medical device in use means medical device-specific tools and policies need to be utilized. Tools such as MedScan by MedSec were purpose built for medical device asset management. But really the first step is understanding the risk profile created by medical devices. How many are on the network? Have they received required software updates? Are their security features configured correctly? How many 'legacy' devices are on the network?

Q: What is the No. 1, first step a hospital should take when developing a cybersecurity incident response plan?

SD: Make sure your plan encompasses all the different types of incidents that could occur, keeping in mind the network is made up of many nontraditional endpoints. Where possible, leverage industry guidance that has been already been custom tailored, such as the Mitre Corp. and FDA Incident Reponses Playbook written specifically to handle cybersecurity incidents involving medical devices. 

To learn more about clinical and IT leadership, register for the Becker's Hospital Review 2nd Annual Health IT + Clinical Leadership Conference May 2-4, 2019 in Chicago. Click here to learn more and register.

To participate in future Becker's Q&As, contact Jackie Drees at

Copyright © 2021 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars