From the September 2021 issue of HealthCare Business News magazine
Relying on a third-party can address core cybersecurity requirements, but some may argue there are too many tools that insufficiently “solve” a problem. I agree - more tools doesn’t equal better security. Similar to the hospital setting, alarm fatigue from too many tools can result in missing an important alert. Tool sprawl is real and can definitely be detrimental to an organization’s ability to secure critical assets. However, that doesn’t mean everything should be built in house and no experts should be used.
As the range of technical diversity faced has grown exponentially, it is increasingly difficult to secure all the things. Once upon a time there was one mainframe, green screen, and printer, there's now innumerable client access methods, networking, remote connectivity, security, storage, server infrastructures, virtualization, and so forth.
Leveraging an expert in security build for healthcare can relieve the mounting necessity for building devices secure by design.
There are several guidelines out there (the HSCC, JSP, NCCOE, TIR-57) on how to pursue this, but it’s important to remember there is no one standard to rule them all.
We’ve seen from the idiosyncratic progress to date, we haven’t made sufficient progress. Medical device development must undergo a systemic change in how it manages cybersecurity risk for the collective to benefit.
Cybersecurity costs are managed most efficiently when integrated into core business decisions. Moreover, in an efficient economy, access to cybersecurity expertise is the way to ensure efficient and effective solutions that persist the lifetime of a device.
But for our community to have any chance at combating the mounting security debt, malicious actors in our ecosystem, and increasingly complex value delivery systems, we must begin with devices that are proactively secure by expert solutions.
On net: there’s truly good ways to create more good with less; but to get there, we have to do things differently than we have in the past.
About the author: Vidya Murthy is a hands-on leader who is passionate about her people and community. Prior to joining MedCrypt as VP of operations, she worked for global medical device manufacturer Becton Dickinson. Vidya holds an MBA from the Wharton School.
Back to HCB News