Rush for digital solutions exposes cybersecurity vulnerability in decades old medical device software: GlobalData

Old software doesn’t just affect the operational efficiency of a device but it can also present a serious cybersecurity risk which is why there is currently a push to increase cybersecurity awareness in healthcare institutions

As the healthcare industry rushes to adopt new technologies to alleviate the effects of COVID-19, vulnerabilities in existing software and hardware systems which in some instances pose a cybersecurity risk have been exposed says GlobalData, data and analytics company.

Kamilla Kan, Medical Analyst at GlobalData comments, Tech innovation is speeding ahead at a mighty pace, but healthcare technology is stuck in the 90s. Essential software used in devices such as anesthesia delivery systems and ventilators in some instances are being run on software first developed over two decades ago. The industry desperately needs a catch up.”

Old software doesn’t just affect the operational efficiency of a device but it can also present a serious cybersecurity risk which is why there is currently a push to increase cybersecurity awareness in healthcare institutions. For example, the United States Food and Drug Administration (FDA) has suggested legislative authorities query medical devices’ cybersecurity capabilities, as well as ensure that medtechs are required to have a Software Bill of Materials (SBOM).

Kan continues, “A lot of facilities are still either in the process of digitising all of their systems or continue to use outdated ones. Healthcare companies should not only monitor and test the safety of hardware and software of new medical devices, but keep updating and monitoring those that have been in service and on the medical market for some time.”

The rate of cyberattacks on healthcare institutions has been steadily increasing since the beginning of COVID-19 pandemic and are expected to grow in the future as the healthcare industry adopts more advanced medical devices and increases patient data collection.

Cybersecuritydata analytics
Comments (0)
Add Comment