Make the connection: Cybercrime in the medical device sector

21 April 2017 10:31

We don’t like it when things go wrong. We expect security as standard. From our bank accounts to online shopping, we put faith in our passwords, and hope they make the services we use as difficult to hack as possible.

As the medical device sector becomes increasingly reliant on technology, the number of connected devices helping improve our health and well-being is growing at a considerable rate. Technical innovation has started its journey to transform the delivery of health care.

Devices that administer medicine remotely, or send data to healthcare professionals are becoming part and parcel of the way global healthcare systems are operating. Artificial intelligence is helping us book appointments with our physicians and is even claiming to be able to triage patients faster than a real person. Add to this the way that cloud-based systems are being used to help SMEs deal with the challenges of medical device labelling, traceability and regulatory compliance, and the level at which technology has become ingrained in the medtech sector is evident.

Amid this however, we have the issue of security. In everyday life, online security is part of the way we browse, shop and communicate. However, should the safety of a connected medical device be compromised, the consequences can be far more serious than the loss of money from a bank account. At one end we have potential intellectual property theft, the cost of which can be extensive if a business decides to pursue legal cases should counterfeit products find they way into the market, for example. And at the other end we have the possibility that cyber attacks can cause serious injury, even death. A hacker only has to get lucky once to cause damage. Serious stuff.

Cyber crime is big business. According to a report by OCISIA with BAE Systems, cybercrime is costing the UK economy alone around £27bn. The 2016 Ponemon Institute Cost of Cyber Crime Study that every cyber crime case in the US costs a company over $15 million.

With recent FDA guidance highlighting the need for medical device manufacturers to consider cybersecurity vulnerabilities across a product’s lifecycle, it’s obvious the issue needs to be considered at the start of a device’s life.

Malware, ransomware, cybersecurity – they’re not exactly words to get excited over. The connected device sector is undeniably innovative, sexy and increasingly amazing. New technology can be jaw-dropping and there seems to be no limits to where it’s going next. But how much does security feature and at what stage? Many managing directors and CEOs, would be the first to admit that they don’t possess, or have the time to acquire, in-depth cyber-security knowledge and that unless something goes wrong it isn’t something that’s necessarily at the top of their agendas.

Clearly things will have to change. As the medical device sector pushes ahead with machines that talk to each and communicate with the healthcare sector, experts also need to engage in communication. From cybersecurity experts to people leaving university armed with the know-how and skills to tackle this issue head-one, the expertise is there, waiting to be utilised. Making the connection – via devices and humans– is the first step towards ensuring things don’t go wrong.

Related

Nail the sale: Expert advice on how to secure a deal

Futura Medical appoints Roy Davis as non-executive director

Medovate and JEB join forces for medical device innovation

Active and passive: Safety devices and diabetes care