{"id":43351,"date":"2020-09-30T01:57:00","date_gmt":"2020-09-30T05:57:00","guid":{"rendered":"http:\/\/blog.cybercon1.com\/?p=43351"},"modified":"2020-09-30T01:57:00","modified_gmt":"2020-09-30T05:57:00","slug":"a-recipe-for-reducing-medical-device-internet-of-things-risk","status":"publish","type":"post","link":"https:\/\/blog.cyberconservices.com\/index.php\/2020\/09\/30\/a-recipe-for-reducing-medical-device-internet-of-things-risk\/","title":{"rendered":"A Recipe for Reducing Medical Device Internet of Things Risk"},"content":{"rendered":"\n<p>\u00a0By\u00a0<a href=\"https:\/\/securityintelligence.com\/author\/abby-toth\/\">Abby Ross<\/a>\u00a0co-authored by\u00a0<a href=\"https:\/\/securityintelligence.com\/author\/ralph-ramsey\/\">Ralph Ramsey<\/a> &#8211; The healthcare system today uses various security technologies for connected devices, many of which assign a risk score to vulnerabilities. The score is meant to help hospital security teams understand and prioritize vulnerabilities that elevate risk. Those technologies, however, use different formulas to calculate the risk score. Furthermore, they are often focused on technical risk rather than the clinical impact on the hospital in terms of patient safety or disruption of a physician\u2019s workflow.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"alignleft size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/cdn.pixabay.com\/photo\/2017\/05\/20\/23\/24\/keratometer-2330096__340.jpg\" alt=\"\" width=\"787\" height=\"600\"\/><\/figure><\/div>\n\n\n\n<p>For example, while some scanning tools provide a score based on the&nbsp;<a href=\"https:\/\/securityintelligence.com\/calling-into-question-the-cvss\/\">Common Vulnerability Scoring System<\/a>&nbsp;(CVSS), medical device security platforms (MDSPs) monitor what devices are doing, collect data, apply machine learning, build behavioral models and calculate a risk score. Both technologies view risk through a technical lens.<\/p>\n\n\n\n<p>The U.S. Food and Drug Administration (FDA) also has its own health care device\u00a0<a rel=\"noreferrer noopener\" href=\"https:\/\/www.fda.gov\/medical-devices\/digital-health\/cybersecurity\" target=\"_blank\">classification<\/a>\u00a0formula. It focuses on a vulnerability\u2019s associated exploit, what an attacker can do with the exploit and the potential harm that can be done. Again, these elements are viewed through a technical lens, not including the clinical impact on the hospital.  <a href=\"https:\/\/www.google.com\/url?rct=j&amp;sa=t&amp;url=https:\/\/securityintelligence.com\/posts\/big-data-in-healthcare-reducing-risk-internet-of-medical-things\/&amp;ct=ga&amp;cd=CAEYACoUMTYwMDUwMjU5MzQ3NTk3MDQ0NzMyGmEyZDc1YTAxNDlhODIxZDc6Y29tOmVuOlVT&amp;usg=AFQjCNGi0WKS01FOs0NC1JfxACHjIJVKGQ\">Read On:<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u00a0By\u00a0Abby Ross\u00a0co-authored by\u00a0Ralph Ramsey &#8211; The healthcare system today uses various security technologies for connected devices, many of which assign a risk score to vulnerabilities. The score is meant to help hospital security teams understand and prioritize vulnerabilities that elevate <span class=\"excerpt-dots\">&hellip;<\/span> <a class=\"more-link\" href=\"https:\/\/blog.cyberconservices.com\/index.php\/2020\/09\/30\/a-recipe-for-reducing-medical-device-internet-of-things-risk\/\"><span class=\"more-msg\">Continue reading &rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[649,626],"tags":[650,627],"class_list":["post-43351","post","type-post","status-publish","format-standard","hentry","category-internet-of-things","category-iot","tag-internet-of-things","tag-iot"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack-related-posts":[],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/posts\/43351","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/comments?post=43351"}],"version-history":[{"count":0,"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/posts\/43351\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/media?parent=43351"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/categories?post=43351"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.cyberconservices.com\/index.php\/wp-json\/wp\/v2\/tags?post=43351"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}