WASHINGTON (PRWEB) March 19, 2018
Secretary Michael Chertoff, executive chairman and co-founder of The Chertoff Group, a premier global advisory firm that provides security risk management, business strategy and merchant banking advisory services, joined leading healthcare and cybersecurity experts at SXSW 2018 on a panel discussion titled, “Body Computing Security and Human Safety.” During the session, Chertoff, along with Leslie Saxon, executive director at the USC Center for Body Computing and Beau Woods, cyber innovation fellow at The Atlantic Council, provided insight on the future of healthcare and digital health as well as security considerations and concerns associated with the advancement of connected, medical devices.
According to a recent Healthcare Information and Management Systems Society (HIMSS) survey of healthcare providers, vendors and consultants, 75.7 percent of respondents stated that their organizations experienced a significant security incident within the last 12 months. While these attacks have the ability to disrupt healthcare services, the risk also extends to every aspect of connected healthcare, including connected medical devices. In an effort to build awareness around these emerging threats, the panel discussion focused on the areas of risk found within the healthcare industry – personal information, corruption of data, shut down of services and manipulation of care – as well as the potential threat vectors, including surveillance, hacking, ransomware and public health information violations.
“To mitigate cybersecurity risks associated with connected medical devices, and ensure patients continue to derive their full benefits, industry must not only build security into its innovation process, but ensure resources are in place to conduct ongoing monitoring efforts,” said Secretary Chertoff. “This challenge will only grow as “smart” devices become increasingly intelligent, leveraging new information sets to diagnose, monitor and treat patients. Creating a resilient health care network that embraces the benefits of innovation while mitigating its associated risks is a responsibility shared among device manufacturers, service providers, patients and physicians. Working together to implement trusted cybersecurity measures will give physicians and patients the tools they need to make informed decisions about health management, and ultimately help maintain the trust and security that make these technology transformations successful.”
During the panel discussion, Secretary Chertoff outlined areas of improvement and provided recommendations to help healthcare organizations manage security standards and protocols, as well as fine tune in-place detection and prevention technology. Areas of improvement include:
- Severe lack of security talent - The majority of health delivery organizations lack full time, qualified security personnel. Establishing a healthcare cybersecurity talent pool is critical to mitigating attacks.
- Legacy equipment - Updating legacy equipment that runs on old, unsupported and vulnerable operating systems to those with built-in health IT security functions leads to more resilient medical devices.
- Premature or over-connectivity - “Meaningful Use” requirements drive hyper-connectivity without secure design and implementation in place. Healthcare organizations need to ensure connected technologies, with the potential to impact public safety and human life, are worthy of trust.
- Failure to develop standards - Define and set expectations to streamline leadership and cybersecurity governance. Security standards should be sufficiently tailored to be meaningful, but not so specific to become micromanagement.
- Known vulnerabilities epidemic – Identify cyber threat mitigation and protection mechanisms for intellectual property, research and development efforts. Enhanced information-sharing across the industry is needed.
A leading expert in cyber and data security, Secretary Chertoff also announced the launch of his upcoming new book, “Exploding data – Reclaiming our cyber security in the digital age,” at SXSW. The book, which is scheduled to be released in July 2018, examines the complex legalities surrounding issues of data collection and dissemination today, and charts a path that balances the needs of government, business and individuals alike.
To learn more about body computing and human safety in healthcare, click here to read The Chertoff Group’s whitepaper, entitled “Why medical device manufacturers must lead on cybersecurity in an increasingly connected healthcare system.”
About The Chertoff Group:
The Chertoff Group is a premier global advisory services firm focused on helping clients excel at understanding the implications of changes in security risk, technology and policy. Its complementary practice areas – which includes Security Risk Management, Business Strategy and Merchant Banking Advisory Services – enable businesses to understand the changing nature of risk, whether by better securing their enterprises, building competitive advantage or managing the policy environment. The Chertoff Group is one of the only professional services companies in the world to have achieved SAFETY Act designation across all industries for its proven Security Risk Management Consulting Methodology. The Chertoff Group and its investment banking subsidiary, Chertoff Capital, have advised on multiple M&A transactions totaling nearly $8 billion in deal value. Headquartered in Washington, D.C., the firm maintains offices in Menlo Park, Calif. and New York. For more information about The Chertoff Group, visit http://www.chertoffgroup.com.