Future of healthcare must be built on security

Issue 7 2021 Healthcare (Industry)

South Africa is poised to start benefiting from a plethora of healthcare technologies which could dramatically improve patient care at a lower cost, boost preventative healthcare and take the best medical practitioners virtually to the most underserved regions of the country. However, exciting new developments in healthcare technology could also put patients at risk in both the cyber and real world.

Doros Hadjizenonos.

This is according to Fortinet South Africa security experts, Doros Hadjizenonos and Matthew Taljaard, who warn that the promise of emerging healthcare technologies could be derailed by security risks.

Hadjizenonos, regional sales director SADC at Fortinet, says Internet of Things (IoT) and Internet of Medical Things (IoMT) devices are increasingly being adopted for greater efficiency and improved patient care in the healthcare sector. These tiny, connected devices are being deployed to monitor patient vital signs and treatment, track pharmaceuticals and control medical equipment throughout hospitals. “We are seeing adoption and interest from private hospital chains locally, who are considering IoT for efficiencies, for managing patients and analysing data,” he says. “There is potential to deploy IoT for patient monitoring both at home and in hospitals, for example, connected beds with oxygen meters and heart rate monitors feeding information back to nurses’ stations. IoT can also be used to automate devices administering treatment, such as ventilators.

IDC’s Worldwide Internet of Things Spending Guide forecast of May 2021 says worldwide spend on IoT is anticipated to pass US$ 1 trillion by 2024, with South Africa among the fastest-growing IoT markets in the MEA region, growing at an expected CAGR of 14% from 2020 to 2025. The global IoMT market was valued at US$ 44,5 million back in 2018 and is expected to grow to US$ 254,2 million in 2026, according to AllTheResearch.

More accessible healthcare

Smart technologies such as smart watches and other wearables, as well as video conferencing and telemedicine also become part of this broader ecosystem, bringing with them the opportunity to make healthcare more accessible, affordable and proactive.

However, Matthew Taljaard, subject matter expert for OT (operational technology) at Fortinet, notes that as smart technologies start controlling surgeries and patient treatment, the risks associated with advanced healthcare could grow. “Data privacy and cybersecurity are already a key concern in healthcare, as healthcare records are a prime target for cyber criminals. Fortinet finds that medical records are worth 10 times more than credit card numbers on the black market. On top of that, as we have seen in the industrial sector, as IT and OT converge, cyber risk can threaten health and safety in the physical domain. This could put patient lives at risk should cyber attackers access physical patient monitoring and treatment systems.

“Much in the same way we enabled work from home by securing that environment, by properly securing the healthcare environment we can create a safe platform that gives health professionals and patients the confidence to start benefiting from all the advanced medical technologies coming to market,” he says.

Hadjizenonos says: “Healthcare organisations have to start preparing for the future of healthcare by building security into the design of the entire environment. Because it is difficult to build security into small IoT or IoMT devices; technology needs to be deployed to detect and monitor all the devices and secure the traffic following between them. If a device was to be compromised it would be from the network point of view.”

Visibility, segmentation and seamless protection

IoT devices are vulnerable to hijacking and weaponisation for use in distributed denial of service (DDoS) attacks, as well as targeted code injection, man-in-the-middle attacks and spoofing. Fortinet warns that malware is also more easily hidden in the large volumes of data IoT devices produce, while some IoT devices can be remotely controlled or have their functionality disabled – which could be used in a ransomware attack.

Fortinet says robust IoT security requires integrated solutions capable of providing visibility, segmentation and seamless protection across the entire network infrastructure. Healthcare organisations should be capable of authenticating and classifying IoT devices, as well as segmenting IoT devices based on their risk profiles. They should also have the ability to monitor, inspect and enforce policy based on activity at different points within the infrastructure and take automatic and immediate action if any network devices become compromised.

To ensure compliance and data protection, organisations should take a zero-trust approach with role-based access control and a unified security fabric aggregating the security architecture across physical and cyber domains.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Data compliance for healthcare
Healthcare (Industry)
All healthcare facilities including hospitals and clinics are required to manage the complete destruction of all data when IT assets reach end-of-life using compliant data erasure techniques essential to protect company data.

Improving patient care
Axis Communications SA CCTV, Surveillance & Remote Monitoring Healthcare (Industry)
Nemours Children’s Health System has installed Axis network video cameras in every patient room to improve patient care to avoid nuisance alarms.

Access control during a health crisis
Axis Communications SA Healthcare (Industry)
Preventing the transmission of coronavirus in healthcare settings is obviously critical. Paul Baratta discusses access control and how it can help healthcare providers today and well into the future.

IoT is playing an increasing role in monitoring behaviour
Vox Healthcare (Industry)
With 55% of respondents in a recent survey stating that they cannot afford to save towards retirement and living in a care facility, attention must turn to leveraging cost-effective and user-friendly technological innovations to unlock the potential for telecare.

Cyber care for healthcare industries
Healthcare (Industry)
The COVID-19 pandemic is being exploited by cybercriminals with organisations across healthcare industries, from hospitals to clinics, laboratories and pharmacies finding themselves in the crosshairs.

Unlocking the value of healthcare data
Healthcare (Industry)
Data in the healthcare sector is heavily regulated, with numerous laws and regulations governing how data needs to be processed, protected and retained; this has become more important than ever in light of the COVID-19 crisis.

Keeping COVID in check
Suprema Access Control & Identity Management Healthcare (Industry)
Suprema thermal camera solution helps prevent the spread of COVID-19 in South Korea in a focused healthcare approach from government.

Technologies for paediatric care
Duxbury Networking Healthcare (Industry)
Virtual contact via electronic devices may decrease the sense of isolation and alienation between parents and babies deprived of physical contact.

The time for resilience is now
Healthcare (Industry)
With healthcare receiving more funding and grants due to COVID-19, it’s become a (perceived) easy target for cyber criminals.

Technologies to improve patient care in the healthcare industry
Duxbury Networking Healthcare (Industry)
In addition to addressing security issues, the hotel industry already uses cameras to improve the quality of customer service. Likewise, healthcare facilities are also gradually adopting this concept.