Addressing Medical Device Vulnerabilities

Medical Devices

Addressing Medical Device Vulnerabilities


Medical Device Security All Day, Every Day

While Owl does great work creating hardened network security devices, such as data diodes, and we’re even looking forward to miniature, embedded solutions in the near future, my main focus at Owl this year is to tell folks in the medical and medical device field about the work and experience of our professional services team.

Our professional services team provides cybersecurity analysis and engineering services to secure connected devices, including embedded software/operating systems, and the networks they connect to.

Why Medical Devices?

Medical devices are increasingly connected to networks, other devices, and the internet. This leads to an increase in the risk of potential cybersecurity threats. These vulnerabilities can potentially impact the safety and effectiveness of the device.

With this in mind, medical devices have been listed as one of the top five cybersecurity threats by the HHS. In fact, the FDA is already pushing manufacturers to be better and report vulnerabilities better. Yet, still, an estimated 70% of medical devices are running outdated Windows operating systems that are no longer supported, and a good number of them have critical vulnerabilities for which a patch was available long ago.

Starting the Conversation

Over the next few months, I’ll be chatting with providers and device makers, discussing comprehensive assessments of the vulnerabilities of medical devices and medical device network environments, in the context of guidelines and compliance needs. Obviously, this isn’t just theoretical, so I’ll also be talking about use cases and sharing how we’ve helped security-conscious organizations confidently design, build, and implement secure devices, ensuring the security architecture is appropriate for the intended use of the devices and device network.

Here’s a brief document telling more about our medical device cybersecurity analysis services.

I’m also excited about the possibilities presented by upcoming advanced hardware-based miniaturized and embedded cybersecurity solutions I previously mentioned that we are developing for medical devices. We think they will change users’ expectations of medical device security design.

Want to connect? Drop me a line at cschick@owlcyberdefense.com.

Charlie Schick Healthcare Consultant

Windows 7 End of Life Puts Hospitals in a Pickle

Microsoft is ending all support for Windows 7 on January 14th, 2020 - less than 3 months away (as of this writing)! After that time, there will no longer be any updates (including securit...
December 4, 2019
Charlie Schick Healthcare Consultant

What do HHS’s latest cybersecurity guidelines mean for healthcare organizations?

At the end of 2018, the US Department of Health and Human Services (HHS) released guidance on cybersecurity best practices for healthcare organizations. Like many in the healthcare indust...
April 19, 2019
Charlie Schick Healthcare Consultant

Medical Device Cybersecurity: Risk, Patching & Plutonium

This February I was at HIMMS Global Conference and Exhibition, one of the largest healthcare IT conferences in the US. My focus there was to see the latest on cyber in healthcare, particu...
March 19, 2019