Source: Information Security Buzz
Survey of Medical Device Manufacturers and Healthcare Delivery Organisations Reveals Industry’s Lack of Confidence and Alignment in Securing Medical Devices
LONDON, UK. Synopsys, Inc. (Nasdaq: SNPS) today released the results of the study “Medical Device Security: An Industry Under Attack and Unprepared to Defend,” which found that 67 percent of medical device manufacturers and 56 percent of healthcare delivery organisations (HDOs) believe an attack on a medical device built or in use by their organisations is likely to occur over the next 12 months. The survey also found that roughly one third of device makers and HDOs are aware of potential adverse effects to patients due to an insecure medical device, but despite the risk only 17 percent of device makers and 15 percent of HDOs are taking significant steps to prevent such attacks.
The Synopsys study conducted by the Ponemon Institute, a leading IT security research organisation, aimed at identifying whether device makers and HDOs are in alignment about the need to address cybersecurity risks. The study surveyed approximately 550 individuals from manufacturers and HDOs, whose roles involve the security of medical devices, including implantable devices, radiation equipment, diagnostic and monitoring equipment, robots, as well as networking equipment designed specifically for medical devices and mobile medical apps.
“The security of medical devices is truly a life or death issue for both device manufacturers and healthcare delivery organisations,” said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. “According to the findings of the research, attacks on devices are likely and can put patients at risk. Consequently, it is urgent that the medical device industry makes the security of its devices a high priority.”
Other key findings from the study highlight:
- Building secure devices is challenging.80 percent of device makers and HDOs report that medical devices are very difficult to secure. The top reasons cited for why devices remain vulnerable include accidental coding errors, lack of knowledge/training on secure coding practices and pressure on development teams to meet product deadlines.
- Lack of security testing.Only 9 percent of manufacturers and 5 percent of HDOs say they test medical devices at least once a year, while 53 percent…
Click here to read more