By Scott Bristol
Information Security Manager, Dräger

The May 2017 “WannaCry” ransomware attack proved that there is no system without vulnerability. The attack infected businesses, universities, manufacturers, government agencies and hospitals in at least 150 countries. In the healthcare industry, it wasn’t just administrative PCs that were hacked; medical devices were infected as well.

A reported 90 percent of healthcare organizations experienced a data breach in the 24 months from April 2014 through April 2016. Of the healthcare data breaches that occurred in 2015, 98 percent were caused by hackers. Research has shown that data breaches could be costing the healthcare industry $6.2 billion per year. 

At Dräger we develop technology for life. Our customers depend on this technology and expect our products to be secure against vulnerabilities that could affect overall functionality, security and privacy of patient data.

This is why we proactively:

• Established a dedicated cybersecurity team
• Developed a coordinated disclosure statement to act as a single point of contact for security issues
• Provided security training to all levels of employees involved with Development Lifecycle
• Continuously submit for Defense Information Assurance Certification and Accreditation Process (DIACAP) and Federal Information Processing Standards (FIPS) accreditation

We also recommend that healthcare organizations flip the script and adopt a “defense is the best offense” mentality to combat the unseen dangers of today.

Considerations for healthcare providers include:

• Foster a culture that prioritizes security – it’s essential that all users are trained and aware of the all possible security risks.
• Meet hackers’ level of sophistication – update your technology to combat cyber attacks.
• Work with a trusted partner – align security measures across your organization with solutions providers who commit themselves to producing reliable equipment.