SlideShare a Scribd company logo

Healthcare Cybersecurity Crisis

Download as PPT, PDF
Matthew J McMahon
Matthew J McMahon

The document summarizes the increasing issue of cyber attacks on hospitals. It notes that in 2014, 40% of healthcare organizations reported malware attacks, increasing to 90% in 2015. The rise in attacks is linked to the transition to electronic medical records, though healthcare lags in cybersecurity. Stolen medical data is 10 times more valuable than credit cards on the black market. Many hospitals still lack basic security protections like antivirus software and encryption. To better secure outdated medical devices, the document proposes moving to a leasing model where devices are constantly updated.

Healthcare
1 of 15
Hospital Insecurity
Disclaimer My views are my own and do not reflect the medical device manufacturer or academic institution that employ me
Healthcare in the News http://www.latimes.com/business/technology/la-me-ln-hollywood-hospital-bitcoin-20160217-story.html
Hospital Hacks on the Rise • In 2014, 40 percent of healthcare organizations reported being attacked by malware designed to steal data. • In 2015 the stats are closer to 90 percent. • In August 2015 , Websense reported a 600 percent increase in cyber attacks on hospitals over the previous 10 months. • Under federal law, hospitals are only required to report potential medical data breaches involving more than 500 people. http://www.latimes.com/business/technology/la-me-ln-hollywood-hospital-bitcoin-20160217-story.html https://www.technologyreview.com/s/533631/2015-could-be-the-year-of-the-hospital-hack/ http://www.insurancejournal.com/news/national/2015/05/07/367165.htm
Why the Increase in Attacks? • Medical organizations across the world are switching to electronic medical records, and computer security is not always a high priority. • Health care providers in the US have a monetary incentive to switch to digital medical records under The Health Information Technology for Economic and Clinical Health (HITECH) Act. • But with all of this progress the healthcare sector is "woefully behind" in terms of cyber preparedness. - Forrester Analyst Stephanie Balaouras https://www.technologyreview.com/s/533631/2015-could-be-the-year-of-the-hospital-hack/ http://www.medicalrecords.com/physicians/the-national-digital-medical-records-mandate-arra http://blog.trendmicro.com/why-is-the-health-care-industry-so-behind-on-cyber-security-part-1-of-2/
Incentives for Attackers? • Experts at Reuters suggest that medical information is 10 times more valuable than a credit card number on the black market. • Hackers use stolen data to create fake IDs to buy medical equipment or drugs that they can resell. • Hackers also may use a patient number with a false provider number to file fraudulent claims with payers. • The average patient interacts with 10 medical devices on each hospital visit (each device stores patient data) http://www.beckershospitalreview.com/healthcare-information-technology/medical-records-10x-more-valuable-to-hackers-than-c https://www.youtube.com/watch?v=EyqwUFJKZo0
2016 HIMSS Report • 14% of medical facilities reported using no antimalware/antivirus • 19.3% of medical facilities reported using no firewall • 36% of medical facilities reported not encrypting data in transit • 41.3% of medical facilities reported having no patch mgt. system • 46% of medical facilities reported using no intrusion detection • 60.7% of medical facilities don’t utilize multifactor authentication http://www.himss.org/sites/himssorg/files/2016-cybersecurity-report.pdf
2017 HIMSS Report • 38% of medical facilities reported penetration testing yearly • 51% of medical facilities reported completing a cybersecurity risk assessment once a year • 71% of medical facilities reported allocating a percentage of their yearly budget specifically to cybersecurity • 82% of medical facilities reported specifically allocating funding to training employees in cybersecurity concepts • 88% of medical facilities reported completing cybersecurity risk assessments on third party products http://www.himss.org/2017-himss-cybersecurity-survey
The Average Age of Medical Devices 2003 http://cocir.org/fileadmin/Publications_2003/ageprofile2003.pdf
The Teenage Years… 2003 http://cocir.org/fileadmin/Publications_2003/ageprofile2003.pdf
…but Everything is Better Now The average age of a medical device in the US in 2016 was 4.7 years old https://www.beckershospitalreview.com/supply-chain/medical-equipment-hits-oldest-average-age-since-1945.html
Question How do you secure a medical device that has a 15 year shelf life who’s embedded operating system will be out of date in 3 years…?
Defense in Depth • Multi-layered approach to security • Uses several independent methods • Includes physical, technical and administrative controls • Doesn’t prevent an attack but slows an attackers advance which allows for detection & response
The Leasing Model We move to a leasing model where medical device manufacturers are constantly updating hospitals medical devices to the latest and greatest most secure platform
Contact Info Matt McMahon @InfoSec617 Matthew.McMahon@Salve.edu

Recommended

Protecting Health Data_FINAL3
Protecting Health Data_FINAL3Protecting Health Data_FINAL3
Protecting Health Data_FINAL3Paul Petronelli
 
The Affordable Care Act: An Evidence-Based Update
The Affordable Care Act: An Evidence-Based UpdateThe Affordable Care Act: An Evidence-Based Update
The Affordable Care Act: An Evidence-Based UpdateCedric Dark
 
2014 Clinical Development Year in Review
2014 Clinical Development Year in Review2014 Clinical Development Year in Review
2014 Clinical Development Year in ReviewIndustry Standard Research
 
Hiv diagnostics market
Hiv diagnostics marketHiv diagnostics market
Hiv diagnostics marketBhargav2818
 
Dnr mediakit
Dnr mediakitDnr mediakit
Dnr mediakitStanislav Sazhin
 
Dnr mediakit
Dnr mediakitDnr mediakit
Dnr mediakitStanislav Sazhin
 
Dnr mediakit
Dnr mediakitDnr mediakit
Dnr mediakitStanislav Sazhin
 
Dnr mediakit
Dnr mediakitDnr mediakit
Dnr mediakitStanislav Sazhin
 

Recommended

Protecting Health Data_FINAL3
Protecting Health Data_FINAL3Protecting Health Data_FINAL3
Protecting Health Data_FINAL3Paul Petronelli
 
The Affordable Care Act: An Evidence-Based Update
The Affordable Care Act: An Evidence-Based UpdateThe Affordable Care Act: An Evidence-Based Update
The Affordable Care Act: An Evidence-Based UpdateCedric Dark
 
2014 Clinical Development Year in Review
2014 Clinical Development Year in Review2014 Clinical Development Year in Review
2014 Clinical Development Year in ReviewIndustry Standard Research
 
Hiv diagnostics market
Hiv diagnostics marketHiv diagnostics market
Hiv diagnostics marketBhargav2818
 
Dnr mediakit
Dnr mediakitDnr mediakit
Dnr mediakitStanislav Sazhin
 
Dnr mediakit
Dnr mediakitDnr mediakit
Dnr mediakitStanislav Sazhin
 
Dnr mediakit
Dnr mediakitDnr mediakit
Dnr mediakitStanislav Sazhin
 
Dnr mediakit
Dnr mediakitDnr mediakit
Dnr mediakitStanislav Sazhin
 
Medical Devices Under Attack
Medical Devices Under Attack Medical Devices Under Attack
Medical Devices Under Attack Medigate
 
The Security of Electronic Health Information Survey
The Security of Electronic Health Information SurveyThe Security of Electronic Health Information Survey
The Security of Electronic Health Information Surveyloglogic
 
D covid alipio tan
D covid alipio tanD covid alipio tan
D covid alipio tanJA Larson
 
Introduction to Vichara Health
Introduction to Vichara HealthIntroduction to Vichara Health
Introduction to Vichara HealthPranish Kantesaria, PharmD
 
Business Associate Risk Infographic
Business Associate Risk InfographicBusiness Associate Risk Infographic
Business Associate Risk Infographicgaryjohnson500
 
VirtualVet's Offering
VirtualVet's OfferingVirtualVet's Offering
VirtualVet's OfferingSinead Quealy
 
VirtualVet Vision
VirtualVet VisionVirtualVet Vision
VirtualVet VisionSinead Quealy
 
Flow Cytometry Market Size, Share & Trend | Industry Analysis Report, 2025
Flow Cytometry Market Size, Share & Trend | Industry Analysis Report, 2025Flow Cytometry Market Size, Share & Trend | Industry Analysis Report, 2025
Flow Cytometry Market Size, Share & Trend | Industry Analysis Report, 2025poojamtmr
 
Top 5 IVD Market News Stories - January 2017
Top 5 IVD Market News Stories - January 2017Top 5 IVD Market News Stories - January 2017
Top 5 IVD Market News Stories - January 2017Bruce Carlson
 
American Academy of Ophthalmology
American Academy of OphthalmologyAmerican Academy of Ophthalmology
American Academy of OphthalmologyHealthegy
 
Medical Billing Software Trends
Medical Billing Software TrendsMedical Billing Software Trends
Medical Billing Software TrendsManny Oliverez
 
mHealth Israel_Technology, Data & Medical Technologies- the Perfect Storm_Bos...
mHealth Israel_Technology, Data & Medical Technologies- the Perfect Storm_Bos...mHealth Israel_Technology, Data & Medical Technologies- the Perfect Storm_Bos...
mHealth Israel_Technology, Data & Medical Technologies- the Perfect Storm_Bos...Levi Shapiro
 
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)Safeguarding Patient Privacy in a Digital Age (Brian Kalis)
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)U.S. News Healthcare of Tomorrow
 
We Need to Prioritize Cybersecurity in 2020
We Need to Prioritize Cybersecurity in 2020We Need to Prioritize Cybersecurity in 2020
We Need to Prioritize Cybersecurity in 2020Matthew Doyle
 
Pegwin pitch deck
Pegwin pitch deckPegwin pitch deck
Pegwin pitch deckDouglas Dotan
 
Creating Interoperable Medical Devices that fit into Hospital Enterprise IT E...
Creating Interoperable Medical Devices that fit into Hospital Enterprise IT E...Creating Interoperable Medical Devices that fit into Hospital Enterprise IT E...
Creating Interoperable Medical Devices that fit into Hospital Enterprise IT E...Shahid Shah
 
Medical automation market
Medical automation marketMedical automation market
Medical automation marketManjushaGirme
 
HIPAA HITECH E-Prescribing / E-Prescription
HIPAA HITECH E-Prescribing / E-PrescriptionHIPAA HITECH E-Prescribing / E-Prescription
HIPAA HITECH E-Prescribing / E-PrescriptionValdez Ladd MBA, CISSP, CISA,
 
Hot Topics in Privacy and Security
Hot Topics in Privacy and SecurityHot Topics in Privacy and Security
Hot Topics in Privacy and SecurityPYA, P.C.
 
Global Healthcare Information System Market will hit USD 54.0 Billion By 2020
Global Healthcare Information System Market will hit USD 54.0 Billion By 2020Global Healthcare Information System Market will hit USD 54.0 Billion By 2020
Global Healthcare Information System Market will hit USD 54.0 Billion By 2020Sahil Sawant
 
Artificial Intelligence in Pharmacovigilance
Artificial Intelligence in PharmacovigilanceArtificial Intelligence in Pharmacovigilance
Artificial Intelligence in PharmacovigilanceClinosolIndia
 
Cyber physical system for healthcare
Cyber physical system for healthcareCyber physical system for healthcare
Cyber physical system for healthcareJUGAL GANDHI
 

More Related Content

What's hot

Medical Devices Under Attack
Medical Devices Under Attack Medical Devices Under Attack
Medical Devices Under Attack Medigate
 
The Security of Electronic Health Information Survey
The Security of Electronic Health Information SurveyThe Security of Electronic Health Information Survey
The Security of Electronic Health Information Surveyloglogic
 
D covid alipio tan
D covid alipio tanD covid alipio tan
D covid alipio tanJA Larson
 
Business Associate Risk Infographic
Business Associate Risk InfographicBusiness Associate Risk Infographic
Business Associate Risk Infographicgaryjohnson500
 
VirtualVet's Offering
VirtualVet's OfferingVirtualVet's Offering
VirtualVet's OfferingSinead Quealy
 
Flow Cytometry Market Size, Share & Trend | Industry Analysis Report, 2025
Flow Cytometry Market Size, Share & Trend | Industry Analysis Report, 2025Flow Cytometry Market Size, Share & Trend | Industry Analysis Report, 2025
Flow Cytometry Market Size, Share & Trend | Industry Analysis Report, 2025poojamtmr
 
Top 5 IVD Market News Stories - January 2017
Top 5 IVD Market News Stories - January 2017Top 5 IVD Market News Stories - January 2017
Top 5 IVD Market News Stories - January 2017Bruce Carlson
 
American Academy of Ophthalmology
American Academy of OphthalmologyAmerican Academy of Ophthalmology
American Academy of OphthalmologyHealthegy
 
Medical Billing Software Trends
Medical Billing Software TrendsMedical Billing Software Trends
Medical Billing Software TrendsManny Oliverez
 

What's hot (11)

Medical Devices Under Attack
Medical Devices Under Attack Medical Devices Under Attack
Medical Devices Under Attack
 
The Security of Electronic Health Information Survey
The Security of Electronic Health Information SurveyThe Security of Electronic Health Information Survey
The Security of Electronic Health Information Survey
 
D covid alipio tan
D covid alipio tanD covid alipio tan
D covid alipio tan
 
Introduction to Vichara Health
Introduction to Vichara HealthIntroduction to Vichara Health
Introduction to Vichara Health
 
Business Associate Risk Infographic
Business Associate Risk InfographicBusiness Associate Risk Infographic
Business Associate Risk Infographic
 
VirtualVet's Offering
VirtualVet's OfferingVirtualVet's Offering
VirtualVet's Offering
 
VirtualVet Vision
VirtualVet VisionVirtualVet Vision
VirtualVet Vision
 
Flow Cytometry Market Size, Share & Trend | Industry Analysis Report, 2025
Flow Cytometry Market Size, Share & Trend | Industry Analysis Report, 2025Flow Cytometry Market Size, Share & Trend | Industry Analysis Report, 2025
Flow Cytometry Market Size, Share & Trend | Industry Analysis Report, 2025
 
Top 5 IVD Market News Stories - January 2017
Top 5 IVD Market News Stories - January 2017Top 5 IVD Market News Stories - January 2017
Top 5 IVD Market News Stories - January 2017
 
American Academy of Ophthalmology
American Academy of OphthalmologyAmerican Academy of Ophthalmology
American Academy of Ophthalmology
 
Medical Billing Software Trends
Medical Billing Software TrendsMedical Billing Software Trends
Medical Billing Software Trends
 

Similar to Healthcare Cybersecurity Crisis

mHealth Israel_Technology, Data & Medical Technologies- the Perfect Storm_Bos...
mHealth Israel_Technology, Data & Medical Technologies- the Perfect Storm_Bos...mHealth Israel_Technology, Data & Medical Technologies- the Perfect Storm_Bos...
mHealth Israel_Technology, Data & Medical Technologies- the Perfect Storm_Bos...Levi Shapiro
 
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)Safeguarding Patient Privacy in a Digital Age (Brian Kalis)
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)U.S. News Healthcare of Tomorrow
 
We Need to Prioritize Cybersecurity in 2020
We Need to Prioritize Cybersecurity in 2020We Need to Prioritize Cybersecurity in 2020
We Need to Prioritize Cybersecurity in 2020Matthew Doyle
 
Creating Interoperable Medical Devices that fit into Hospital Enterprise IT E...
Creating Interoperable Medical Devices that fit into Hospital Enterprise IT E...Creating Interoperable Medical Devices that fit into Hospital Enterprise IT E...
Creating Interoperable Medical Devices that fit into Hospital Enterprise IT E...Shahid Shah
 
Medical automation market
Medical automation marketMedical automation market
Medical automation marketManjushaGirme
 
Hot Topics in Privacy and Security
Hot Topics in Privacy and SecurityHot Topics in Privacy and Security
Hot Topics in Privacy and SecurityPYA, P.C.
 
Global Healthcare Information System Market will hit USD 54.0 Billion By 2020
Global Healthcare Information System Market will hit USD 54.0 Billion By 2020Global Healthcare Information System Market will hit USD 54.0 Billion By 2020
Global Healthcare Information System Market will hit USD 54.0 Billion By 2020Sahil Sawant
 
Artificial Intelligence in Pharmacovigilance
Artificial Intelligence in PharmacovigilanceArtificial Intelligence in Pharmacovigilance
Artificial Intelligence in PharmacovigilanceClinosolIndia
 
Cyber physical system for healthcare
Cyber physical system for healthcareCyber physical system for healthcare
Cyber physical system for healthcareJUGAL GANDHI
 
Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...
Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...
Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...mosmedicalreview
 
Medeo Virtual Care Point of View
Medeo Virtual Care Point of ViewMedeo Virtual Care Point of View
Medeo Virtual Care Point of ViewRyan Wilson
 
mHealth Israel_Back-casting: How Covid-19 Impacted Digital Health Investment,...
mHealth Israel_Back-casting: How Covid-19 Impacted Digital Health Investment,...mHealth Israel_Back-casting: How Covid-19 Impacted Digital Health Investment,...
mHealth Israel_Back-casting: How Covid-19 Impacted Digital Health Investment,...Levi Shapiro
 
HCA 530, Week 2, Hacking healthcare it in 2016 lessons the healthcare industr...
HCA 530, Week 2, Hacking healthcare it in 2016 lessons the healthcare industr...HCA 530, Week 2, Hacking healthcare it in 2016 lessons the healthcare industr...
HCA 530, Week 2, Hacking healthcare it in 2016 lessons the healthcare industr...Matthew J McMahon
 
Medical device security presentation - Frank Siepmann
Medical device security presentation - Frank SiepmannMedical device security presentation - Frank Siepmann
Medical device security presentation - Frank SiepmannFrank Siepmann
 
Blockchain Use Cases in Healthcare Industry - iFour Technolab Pvt. Ltd.
Blockchain Use Cases in Healthcare Industry - iFour Technolab Pvt. Ltd.Blockchain Use Cases in Healthcare Industry - iFour Technolab Pvt. Ltd.
Blockchain Use Cases in Healthcare Industry - iFour Technolab Pvt. Ltd.iFour Technolab Pvt. Ltd.
 
Cyber risk reporting aicpa framework
Cyber risk reporting aicpa frameworkCyber risk reporting aicpa framework
Cyber risk reporting aicpa frameworkJames Deiotte
 

Similar to Healthcare Cybersecurity Crisis (20)

mHealth Israel_Technology, Data & Medical Technologies- the Perfect Storm_Bos...
mHealth Israel_Technology, Data & Medical Technologies- the Perfect Storm_Bos...mHealth Israel_Technology, Data & Medical Technologies- the Perfect Storm_Bos...
mHealth Israel_Technology, Data & Medical Technologies- the Perfect Storm_Bos...
 
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)Safeguarding Patient Privacy in a Digital Age (Brian Kalis)
Safeguarding Patient Privacy in a Digital Age (Brian Kalis)
 
We Need to Prioritize Cybersecurity in 2020
We Need to Prioritize Cybersecurity in 2020We Need to Prioritize Cybersecurity in 2020
We Need to Prioritize Cybersecurity in 2020
 
Pegwin pitch deck
Pegwin pitch deckPegwin pitch deck
Pegwin pitch deck
 
Creating Interoperable Medical Devices that fit into Hospital Enterprise IT E...
Creating Interoperable Medical Devices that fit into Hospital Enterprise IT E...Creating Interoperable Medical Devices that fit into Hospital Enterprise IT E...
Creating Interoperable Medical Devices that fit into Hospital Enterprise IT E...
 
Medical automation market
Medical automation marketMedical automation market
Medical automation market
 
HIPAA HITECH E-Prescribing / E-Prescription
HIPAA HITECH E-Prescribing / E-PrescriptionHIPAA HITECH E-Prescribing / E-Prescription
HIPAA HITECH E-Prescribing / E-Prescription
 
Hot Topics in Privacy and Security
Hot Topics in Privacy and SecurityHot Topics in Privacy and Security
Hot Topics in Privacy and Security
 
Global Healthcare Information System Market will hit USD 54.0 Billion By 2020
Global Healthcare Information System Market will hit USD 54.0 Billion By 2020Global Healthcare Information System Market will hit USD 54.0 Billion By 2020
Global Healthcare Information System Market will hit USD 54.0 Billion By 2020
 
Artificial Intelligence in Pharmacovigilance
Artificial Intelligence in PharmacovigilanceArtificial Intelligence in Pharmacovigilance
Artificial Intelligence in Pharmacovigilance
 
Cyber physical system for healthcare
Cyber physical system for healthcareCyber physical system for healthcare
Cyber physical system for healthcare
 
Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...
Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...
Healthcare Attorneys Feel the Healthcare Industry Is More Vulnerable to Cyber...
 
Medeo Virtual Care Point of View
Medeo Virtual Care Point of ViewMedeo Virtual Care Point of View
Medeo Virtual Care Point of View
 
mHealth Israel_Back-casting: How Covid-19 Impacted Digital Health Investment,...
mHealth Israel_Back-casting: How Covid-19 Impacted Digital Health Investment,...mHealth Israel_Back-casting: How Covid-19 Impacted Digital Health Investment,...
mHealth Israel_Back-casting: How Covid-19 Impacted Digital Health Investment,...
 
Io t in healthcare 03.2016
Io t in healthcare 03.2016Io t in healthcare 03.2016
Io t in healthcare 03.2016
 
Influenza vaccine market
Influenza vaccine marketInfluenza vaccine market
Influenza vaccine market
 
HCA 530, Week 2, Hacking healthcare it in 2016 lessons the healthcare industr...
HCA 530, Week 2, Hacking healthcare it in 2016 lessons the healthcare industr...HCA 530, Week 2, Hacking healthcare it in 2016 lessons the healthcare industr...
HCA 530, Week 2, Hacking healthcare it in 2016 lessons the healthcare industr...
 
Medical device security presentation - Frank Siepmann
Medical device security presentation - Frank SiepmannMedical device security presentation - Frank Siepmann
Medical device security presentation - Frank Siepmann
 
Blockchain Use Cases in Healthcare Industry - iFour Technolab Pvt. Ltd.
Blockchain Use Cases in Healthcare Industry - iFour Technolab Pvt. Ltd.Blockchain Use Cases in Healthcare Industry - iFour Technolab Pvt. Ltd.
Blockchain Use Cases in Healthcare Industry - iFour Technolab Pvt. Ltd.
 
Cyber risk reporting aicpa framework
Cyber risk reporting aicpa frameworkCyber risk reporting aicpa framework
Cyber risk reporting aicpa framework
 

More from Matthew J McMahon

Past and Future Speaking Engagements
Past and Future Speaking EngagementsPast and Future Speaking Engagements
Past and Future Speaking EngagementsMatthew J McMahon
 
HCA 530, Week 2, Symantec 2016 threat report
HCA 530, Week 2, Symantec 2016 threat reportHCA 530, Week 2, Symantec 2016 threat report
HCA 530, Week 2, Symantec 2016 threat reportMatthew J McMahon
 
HCA 530, Week2, Psa i-091516-ransomware notice from fbi
HCA 530, Week2, Psa i-091516-ransomware notice from fbiHCA 530, Week2, Psa i-091516-ransomware notice from fbi
HCA 530, Week2, Psa i-091516-ransomware notice from fbiMatthew J McMahon
 
HCA 530, Week 2, Introduction to cyber threats and opportunities online cours...
HCA 530, Week 2, Introduction to cyber threats and opportunities online cours...HCA 530, Week 2, Introduction to cyber threats and opportunities online cours...
HCA 530, Week 2, Introduction to cyber threats and opportunities online cours...Matthew J McMahon
 
HCA 530, Week 2, Advanced persistent threat healthcare under attack
HCA 530, Week 2, Advanced persistent threat healthcare under attackHCA 530, Week 2, Advanced persistent threat healthcare under attack
HCA 530, Week 2, Advanced persistent threat healthcare under attackMatthew J McMahon
 
McMahon & Associates Risk Management Strategy
McMahon & Associates Risk Management StrategyMcMahon & Associates Risk Management Strategy
McMahon & Associates Risk Management StrategyMatthew J McMahon
 
McMahon and Associates Cloud Usage Policy Paper
McMahon and Associates Cloud Usage Policy PaperMcMahon and Associates Cloud Usage Policy Paper
McMahon and Associates Cloud Usage Policy PaperMatthew J McMahon
 
Sample Incident Response Plan
Sample Incident Response PlanSample Incident Response Plan
Sample Incident Response PlanMatthew J McMahon
 
The Top Five Essential Cybersecurity Protections for Healthcare Facilities
The Top Five Essential Cybersecurity Protections for Healthcare FacilitiesThe Top Five Essential Cybersecurity Protections for Healthcare Facilities
The Top Five Essential Cybersecurity Protections for Healthcare FacilitiesMatthew J McMahon
 
Can international organizations like the IMF control the externality costs of...
Can international organizations like the IMF control the externality costs of...Can international organizations like the IMF control the externality costs of...
Can international organizations like the IMF control the externality costs of...Matthew J McMahon
 

More from Matthew J McMahon (11)

Past and Future Speaking Engagements
Past and Future Speaking EngagementsPast and Future Speaking Engagements
Past and Future Speaking Engagements
 
HCA 530, Week 2, Symantec 2016 threat report
HCA 530, Week 2, Symantec 2016 threat reportHCA 530, Week 2, Symantec 2016 threat report
HCA 530, Week 2, Symantec 2016 threat report
 
HCA 530, Week2, Psa i-091516-ransomware notice from fbi
HCA 530, Week2, Psa i-091516-ransomware notice from fbiHCA 530, Week2, Psa i-091516-ransomware notice from fbi
HCA 530, Week2, Psa i-091516-ransomware notice from fbi
 
HCA 530, Week 2, Introduction to cyber threats and opportunities online cours...
HCA 530, Week 2, Introduction to cyber threats and opportunities online cours...HCA 530, Week 2, Introduction to cyber threats and opportunities online cours...
HCA 530, Week 2, Introduction to cyber threats and opportunities online cours...
 
HCA 530, Week 2, Advanced persistent threat healthcare under attack
HCA 530, Week 2, Advanced persistent threat healthcare under attackHCA 530, Week 2, Advanced persistent threat healthcare under attack
HCA 530, Week 2, Advanced persistent threat healthcare under attack
 
McMahon & Associates Risk Management Strategy
McMahon & Associates Risk Management StrategyMcMahon & Associates Risk Management Strategy
McMahon & Associates Risk Management Strategy
 
McMahon and Associates Cloud Usage Policy Paper
McMahon and Associates Cloud Usage Policy PaperMcMahon and Associates Cloud Usage Policy Paper
McMahon and Associates Cloud Usage Policy Paper
 
Sample Incident Response Plan
Sample Incident Response PlanSample Incident Response Plan
Sample Incident Response Plan
 
Case brief US v batti
Case brief US v battiCase brief US v batti
Case brief US v batti
 
The Top Five Essential Cybersecurity Protections for Healthcare Facilities
The Top Five Essential Cybersecurity Protections for Healthcare FacilitiesThe Top Five Essential Cybersecurity Protections for Healthcare Facilities
The Top Five Essential Cybersecurity Protections for Healthcare Facilities
 
Can international organizations like the IMF control the externality costs of...
Can international organizations like the IMF control the externality costs of...Can international organizations like the IMF control the externality costs of...
Can international organizations like the IMF control the externality costs of...
 

Recently uploaded

Call Girls in Mohali Surbhi ❤️🍑 9907093804 👄🫦 Independent Escort Service Mohali
Call Girls in Mohali Surbhi ❤️🍑 9907093804 👄🫦 Independent Escort Service MohaliCall Girls in Mohali Surbhi ❤️🍑 9907093804 👄🫦 Independent Escort Service Mohali
Call Girls in Mohali Surbhi ❤️🍑 9907093804 👄🫦 Independent Escort Service MohaliHigh Profile Call Girls Chandigarh Aarushi
 
(Sonam Bajaj) Call Girl in Jaipur- 09257276172 Escorts Service 50% Off with C...
(Sonam Bajaj) Call Girl in Jaipur- 09257276172 Escorts Service 50% Off with C...(Sonam Bajaj) Call Girl in Jaipur- 09257276172 Escorts Service 50% Off with C...
(Sonam Bajaj) Call Girl in Jaipur- 09257276172 Escorts Service 50% Off with C...indiancallgirl4rent
 
💚😋Kolkata Escort Service Call Girls, ₹5000 To 25K With AC💚😋
💚😋Kolkata Escort Service Call Girls, ₹5000 To 25K With AC💚😋💚😋Kolkata Escort Service Call Girls, ₹5000 To 25K With AC💚😋
💚😋Kolkata Escort Service Call Girls, ₹5000 To 25K With AC💚😋Sheetaleventcompany
 
Call Girl Raipur 📲 9999965857 ヅ10k NiGhT Call Girls In Raipur
Call Girl Raipur 📲 9999965857 ヅ10k NiGhT Call Girls In RaipurCall Girl Raipur 📲 9999965857 ヅ10k NiGhT Call Girls In Raipur
Call Girl Raipur 📲 9999965857 ヅ10k NiGhT Call Girls In Raipurgragmanisha42
 
No Advance 9053900678 Chandigarh Call Girls , Indian Call Girls For Full Ni...
No Advance 9053900678 Chandigarh Call Girls , Indian Call Girls For Full Ni...No Advance 9053900678 Chandigarh Call Girls , Indian Call Girls For Full Ni...
No Advance 9053900678 Chandigarh Call Girls , Indian Call Girls For Full Ni...Vip call girls In Chandigarh
 
Russian Call Girls Gurgaon Swara 9711199012 Independent Escort Service Gurgaon
Russian Call Girls Gurgaon Swara 9711199012 Independent Escort Service GurgaonRussian Call Girls Gurgaon Swara 9711199012 Independent Escort Service Gurgaon
Russian Call Girls Gurgaon Swara 9711199012 Independent Escort Service GurgaonCall Girls Service Gurgaon
 
Hot Call Girl In Chandigarh 👅🥵 9053'900678 Call Girls Service In Chandigarh
Hot Call Girl In Chandigarh 👅🥵 9053'900678 Call Girls Service In ChandigarhHot Call Girl In Chandigarh 👅🥵 9053'900678 Call Girls Service In Chandigarh
Hot Call Girl In Chandigarh 👅🥵 9053'900678 Call Girls Service In ChandigarhVip call girls In Chandigarh
 
Russian Call Girls Kota * 8250192130 Service starts from just ₹9999 ✅
Russian Call Girls Kota * 8250192130 Service starts from just ₹9999 ✅Russian Call Girls Kota * 8250192130 Service starts from just ₹9999 ✅
Russian Call Girls Kota * 8250192130 Service starts from just ₹9999 ✅gragmanisha42
 
VIP Call Girls Noida Jhanvi 9711199171 Best VIP Call Girls Near Me
VIP Call Girls Noida Jhanvi 9711199171 Best VIP Call Girls Near MeVIP Call Girls Noida Jhanvi 9711199171 Best VIP Call Girls Near Me
VIP Call Girls Noida Jhanvi 9711199171 Best VIP Call Girls Near Memriyagarg453
 
💚😋Mumbai Escort Service Call Girls, ₹5000 To 25K With AC💚😋
💚😋Mumbai Escort Service Call Girls, ₹5000 To 25K With AC💚😋💚😋Mumbai Escort Service Call Girls, ₹5000 To 25K With AC💚😋
💚😋Mumbai Escort Service Call Girls, ₹5000 To 25K With AC💚😋Sheetaleventcompany
 
Russian Call Girls in Chandigarh Ojaswi ❤️🍑 9907093804 👄🫦 Independent Escort ...
Russian Call Girls in Chandigarh Ojaswi ❤️🍑 9907093804 👄🫦 Independent Escort ...Russian Call Girls in Chandigarh Ojaswi ❤️🍑 9907093804 👄🫦 Independent Escort ...
Russian Call Girls in Chandigarh Ojaswi ❤️🍑 9907093804 👄🫦 Independent Escort ...High Profile Call Girls Chandigarh Aarushi
 
Bangalore call girl 👯‍♀️@ Simran Independent Call Girls in Bangalore GIUXUZ...
Bangalore call girl 👯‍♀️@ Simran Independent Call Girls in Bangalore GIUXUZ...Bangalore call girl 👯‍♀️@ Simran Independent Call Girls in Bangalore GIUXUZ...
Bangalore call girl 👯‍♀️@ Simran Independent Call Girls in Bangalore GIUXUZ...Gfnyt
 
Vip Kolkata Call Girls Cossipore 👉 8250192130 ❣️💯 Available With Room 24×7
Vip Kolkata Call Girls Cossipore 👉 8250192130 ❣️💯 Available With Room 24×7Vip Kolkata Call Girls Cossipore 👉 8250192130 ❣️💯 Available With Room 24×7
Vip Kolkata Call Girls Cossipore 👉 8250192130 ❣️💯 Available With Room 24×7Miss joya
 
Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...
Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...
Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...High Profile Call Girls Chandigarh Aarushi
 
Call Girl Gurgaon Saloni 9711199012 Independent Escort Service Gurgaon
Call Girl Gurgaon Saloni 9711199012 Independent Escort Service GurgaonCall Girl Gurgaon Saloni 9711199012 Independent Escort Service Gurgaon
Call Girl Gurgaon Saloni 9711199012 Independent Escort Service GurgaonCall Girls Service Gurgaon
 
indian Call Girl Panchkula ❤️🍑 9907093804 Low Rate Call Girls Ludhiana Tulsi
indian Call Girl Panchkula ❤️🍑 9907093804 Low Rate Call Girls Ludhiana Tulsiindian Call Girl Panchkula ❤️🍑 9907093804 Low Rate Call Girls Ludhiana Tulsi
indian Call Girl Panchkula ❤️🍑 9907093804 Low Rate Call Girls Ludhiana TulsiHigh Profile Call Girls Chandigarh Aarushi
 
pOOJA sexy Call Girls In Sector 49,9999965857 Young Female Escorts Service In...
pOOJA sexy Call Girls In Sector 49,9999965857 Young Female Escorts Service In...pOOJA sexy Call Girls In Sector 49,9999965857 Young Female Escorts Service In...
pOOJA sexy Call Girls In Sector 49,9999965857 Young Female Escorts Service In...Call Girls Noida
 
💚😋Chandigarh Escort Service Call Girls, ₹5000 To 25K With AC💚😋
💚😋Chandigarh Escort Service Call Girls, ₹5000 To 25K With AC💚😋💚😋Chandigarh Escort Service Call Girls, ₹5000 To 25K With AC💚😋
💚😋Chandigarh Escort Service Call Girls, ₹5000 To 25K With AC💚😋Sheetaleventcompany
 

Recently uploaded (20)

Call Girls in Mohali Surbhi ❤️🍑 9907093804 👄🫦 Independent Escort Service Mohali
Call Girls in Mohali Surbhi ❤️🍑 9907093804 👄🫦 Independent Escort Service MohaliCall Girls in Mohali Surbhi ❤️🍑 9907093804 👄🫦 Independent Escort Service Mohali
Call Girls in Mohali Surbhi ❤️🍑 9907093804 👄🫦 Independent Escort Service Mohali
 
(Sonam Bajaj) Call Girl in Jaipur- 09257276172 Escorts Service 50% Off with C...
(Sonam Bajaj) Call Girl in Jaipur- 09257276172 Escorts Service 50% Off with C...(Sonam Bajaj) Call Girl in Jaipur- 09257276172 Escorts Service 50% Off with C...
(Sonam Bajaj) Call Girl in Jaipur- 09257276172 Escorts Service 50% Off with C...
 
💚😋Kolkata Escort Service Call Girls, ₹5000 To 25K With AC💚😋
💚😋Kolkata Escort Service Call Girls, ₹5000 To 25K With AC💚😋💚😋Kolkata Escort Service Call Girls, ₹5000 To 25K With AC💚😋
💚😋Kolkata Escort Service Call Girls, ₹5000 To 25K With AC💚😋
 
Call Girl Raipur 📲 9999965857 ヅ10k NiGhT Call Girls In Raipur
Call Girl Raipur 📲 9999965857 ヅ10k NiGhT Call Girls In RaipurCall Girl Raipur 📲 9999965857 ヅ10k NiGhT Call Girls In Raipur
Call Girl Raipur 📲 9999965857 ヅ10k NiGhT Call Girls In Raipur
 
No Advance 9053900678 Chandigarh Call Girls , Indian Call Girls For Full Ni...
No Advance 9053900678 Chandigarh Call Girls , Indian Call Girls For Full Ni...No Advance 9053900678 Chandigarh Call Girls , Indian Call Girls For Full Ni...
No Advance 9053900678 Chandigarh Call Girls , Indian Call Girls For Full Ni...
 
Russian Call Girls Gurgaon Swara 9711199012 Independent Escort Service Gurgaon
Russian Call Girls Gurgaon Swara 9711199012 Independent Escort Service GurgaonRussian Call Girls Gurgaon Swara 9711199012 Independent Escort Service Gurgaon
Russian Call Girls Gurgaon Swara 9711199012 Independent Escort Service Gurgaon
 
Hot Call Girl In Chandigarh 👅🥵 9053'900678 Call Girls Service In Chandigarh
Hot Call Girl In Chandigarh 👅🥵 9053'900678 Call Girls Service In ChandigarhHot Call Girl In Chandigarh 👅🥵 9053'900678 Call Girls Service In Chandigarh
Hot Call Girl In Chandigarh 👅🥵 9053'900678 Call Girls Service In Chandigarh
 
Russian Call Girls Kota * 8250192130 Service starts from just ₹9999 ✅
Russian Call Girls Kota * 8250192130 Service starts from just ₹9999 ✅Russian Call Girls Kota * 8250192130 Service starts from just ₹9999 ✅
Russian Call Girls Kota * 8250192130 Service starts from just ₹9999 ✅
 
VIP Call Girls Noida Jhanvi 9711199171 Best VIP Call Girls Near Me
VIP Call Girls Noida Jhanvi 9711199171 Best VIP Call Girls Near MeVIP Call Girls Noida Jhanvi 9711199171 Best VIP Call Girls Near Me
VIP Call Girls Noida Jhanvi 9711199171 Best VIP Call Girls Near Me
 
Model Call Girl in Subhash Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Subhash Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Subhash Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Subhash Nagar Delhi reach out to us at 🔝9953056974🔝
 
💚😋Mumbai Escort Service Call Girls, ₹5000 To 25K With AC💚😋
💚😋Mumbai Escort Service Call Girls, ₹5000 To 25K With AC💚😋💚😋Mumbai Escort Service Call Girls, ₹5000 To 25K With AC💚😋
💚😋Mumbai Escort Service Call Girls, ₹5000 To 25K With AC💚😋
 
Russian Call Girls in Chandigarh Ojaswi ❤️🍑 9907093804 👄🫦 Independent Escort ...
Russian Call Girls in Chandigarh Ojaswi ❤️🍑 9907093804 👄🫦 Independent Escort ...Russian Call Girls in Chandigarh Ojaswi ❤️🍑 9907093804 👄🫦 Independent Escort ...
Russian Call Girls in Chandigarh Ojaswi ❤️🍑 9907093804 👄🫦 Independent Escort ...
 
Bangalore call girl 👯‍♀️@ Simran Independent Call Girls in Bangalore GIUXUZ...
Bangalore call girl 👯‍♀️@ Simran Independent Call Girls in Bangalore GIUXUZ...Bangalore call girl 👯‍♀️@ Simran Independent Call Girls in Bangalore GIUXUZ...
Bangalore call girl 👯‍♀️@ Simran Independent Call Girls in Bangalore GIUXUZ...
 
Vip Kolkata Call Girls Cossipore 👉 8250192130 ❣️💯 Available With Room 24×7
Vip Kolkata Call Girls Cossipore 👉 8250192130 ❣️💯 Available With Room 24×7Vip Kolkata Call Girls Cossipore 👉 8250192130 ❣️💯 Available With Room 24×7
Vip Kolkata Call Girls Cossipore 👉 8250192130 ❣️💯 Available With Room 24×7
 
Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...
Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...
Call Girls Service Chandigarh Grishma ❤️🍑 9907093804 👄🫦 Independent Escort Se...
 
#9711199012# African Student Escorts in Delhi 😘 Call Girls Delhi
#9711199012# African Student Escorts in Delhi 😘 Call Girls Delhi#9711199012# African Student Escorts in Delhi 😘 Call Girls Delhi
#9711199012# African Student Escorts in Delhi 😘 Call Girls Delhi
 
Call Girl Gurgaon Saloni 9711199012 Independent Escort Service Gurgaon
Call Girl Gurgaon Saloni 9711199012 Independent Escort Service GurgaonCall Girl Gurgaon Saloni 9711199012 Independent Escort Service Gurgaon
Call Girl Gurgaon Saloni 9711199012 Independent Escort Service Gurgaon
 
indian Call Girl Panchkula ❤️🍑 9907093804 Low Rate Call Girls Ludhiana Tulsi
indian Call Girl Panchkula ❤️🍑 9907093804 Low Rate Call Girls Ludhiana Tulsiindian Call Girl Panchkula ❤️🍑 9907093804 Low Rate Call Girls Ludhiana Tulsi
indian Call Girl Panchkula ❤️🍑 9907093804 Low Rate Call Girls Ludhiana Tulsi
 
pOOJA sexy Call Girls In Sector 49,9999965857 Young Female Escorts Service In...
pOOJA sexy Call Girls In Sector 49,9999965857 Young Female Escorts Service In...pOOJA sexy Call Girls In Sector 49,9999965857 Young Female Escorts Service In...
pOOJA sexy Call Girls In Sector 49,9999965857 Young Female Escorts Service In...
 
💚😋Chandigarh Escort Service Call Girls, ₹5000 To 25K With AC💚😋
💚😋Chandigarh Escort Service Call Girls, ₹5000 To 25K With AC💚😋💚😋Chandigarh Escort Service Call Girls, ₹5000 To 25K With AC💚😋
💚😋Chandigarh Escort Service Call Girls, ₹5000 To 25K With AC💚😋
 

Healthcare Cybersecurity Crisis

  • 2. Disclaimer My views are my own and do not reflect the medical device manufacturer or academic institution that employ me
  • 3. Healthcare in the News http://www.latimes.com/business/technology/la-me-ln-hollywood-hospital-bitcoin-20160217-story.html
  • 4. Hospital Hacks on the Rise • In 2014, 40 percent of healthcare organizations reported being attacked by malware designed to steal data. • In 2015 the stats are closer to 90 percent. • In August 2015 , Websense reported a 600 percent increase in cyber attacks on hospitals over the previous 10 months. • Under federal law, hospitals are only required to report potential medical data breaches involving more than 500 people. http://www.latimes.com/business/technology/la-me-ln-hollywood-hospital-bitcoin-20160217-story.html https://www.technologyreview.com/s/533631/2015-could-be-the-year-of-the-hospital-hack/ http://www.insurancejournal.com/news/national/2015/05/07/367165.htm
  • 5. Why the Increase in Attacks? • Medical organizations across the world are switching to electronic medical records, and computer security is not always a high priority. • Health care providers in the US have a monetary incentive to switch to digital medical records under The Health Information Technology for Economic and Clinical Health (HITECH) Act. • But with all of this progress the healthcare sector is "woefully behind" in terms of cyber preparedness. - Forrester Analyst Stephanie Balaouras https://www.technologyreview.com/s/533631/2015-could-be-the-year-of-the-hospital-hack/ http://www.medicalrecords.com/physicians/the-national-digital-medical-records-mandate-arra http://blog.trendmicro.com/why-is-the-health-care-industry-so-behind-on-cyber-security-part-1-of-2/
  • 6. Incentives for Attackers? • Experts at Reuters suggest that medical information is 10 times more valuable than a credit card number on the black market. • Hackers use stolen data to create fake IDs to buy medical equipment or drugs that they can resell. • Hackers also may use a patient number with a false provider number to file fraudulent claims with payers. • The average patient interacts with 10 medical devices on each hospital visit (each device stores patient data) http://www.beckershospitalreview.com/healthcare-information-technology/medical-records-10x-more-valuable-to-hackers-than-c https://www.youtube.com/watch?v=EyqwUFJKZo0
  • 7. 2016 HIMSS Report • 14% of medical facilities reported using no antimalware/antivirus • 19.3% of medical facilities reported using no firewall • 36% of medical facilities reported not encrypting data in transit • 41.3% of medical facilities reported having no patch mgt. system • 46% of medical facilities reported using no intrusion detection • 60.7% of medical facilities don’t utilize multifactor authentication http://www.himss.org/sites/himssorg/files/2016-cybersecurity-report.pdf
  • 8. 2017 HIMSS Report • 38% of medical facilities reported penetration testing yearly • 51% of medical facilities reported completing a cybersecurity risk assessment once a year • 71% of medical facilities reported allocating a percentage of their yearly budget specifically to cybersecurity • 82% of medical facilities reported specifically allocating funding to training employees in cybersecurity concepts • 88% of medical facilities reported completing cybersecurity risk assessments on third party products http://www.himss.org/2017-himss-cybersecurity-survey
  • 9. The Average Age of Medical Devices 2003 http://cocir.org/fileadmin/Publications_2003/ageprofile2003.pdf
  • 11. …but Everything is Better Now The average age of a medical device in the US in 2016 was 4.7 years old https://www.beckershospitalreview.com/supply-chain/medical-equipment-hits-oldest-average-age-since-1945.html
  • 12. Question How do you secure a medical device that has a 15 year shelf life who’s embedded operating system will be out of date in 3 years…?
  • 13. Defense in Depth • Multi-layered approach to security • Uses several independent methods • Includes physical, technical and administrative controls • Doesn’t prevent an attack but slows an attackers advance which allows for detection & response
  • 14. The Leasing Model We move to a leasing model where medical device manufacturers are constantly updating hospitals medical devices to the latest and greatest most secure platform