Cybersecurity in healthcare: mitigating risks in medical technologies

Abstract

The digitization of the healthcare sector is unavoidable and emerging in the 21st century, when society is transitioning from an industrial approach to a knowledge-based economy. The widespread use of Electronic Medical Records (ERM), Internet of Medical Things (IoMT) devices, interconnected devices in anaesthesia and Intensive Care departments has brought major benefits. With the digital transformation of healthcare, cybersecurity has become crucial, based on the following: patient medical data is of major interest to attackers; it has already been demonstrated that devices in the Intensive Care and anaesthesia department such as: ventilators, infusion pumps, anaesthesia devices can be hacked and their configurations can be changed, without the physician knowing; the disruption of medical services has a high impact, with an average loss of $1.3 million per incident. However, the implementation of cyber security in this area is new and requires a holistic approach, as data is collected from a wide variety of devices connected to different networks, wireless and wired. The purpose of the article is to present the threats to the security of the technologies used in healthcare, to highlight the vulnerability of the technologies and to present recommendations for their mitigation.