The medical Internet of Things is set to transform health care through smart medical devices. ABI Research believes that the millions of connected medical devices introduce dangerous new threat vectors into the healthcare IT infrastructure, and will seriously undermine patient safety and effective care delivery if left unchecked.
“We estimate spending by health care providers and OEMs on health care cybersecurity to reach $5.5 billion by 2016,” says Michela Menting, Research Director at ABI Research. “However, only $390 million of that will be dedicated to securing medical devices. Health care stakeholders have to understand that there is a new hostile environment that will emerge around networked medical devices and that threat actors have multiple levels of skills and diverging motivations for attacking the medical IoT.”
The money spent on securing medical devices will primarily be due to OEMs embedding security in the hardware, reviewing, analyzing, pen testing, developing patches, and performing other-the-air updates, among other functions. The rest of the expenditure will focus on data protection. But medical devices suffer from numerous vulnerabilities, and many often compound several critical vulnerabilities: code errors in software, use of hardcoded passwords, disabling of firewalls, lack of authentication mechanisms, unencrypted communications, among many other issues.
Protecting devices requires addressing technical issues, health care delivery, and business challenges. To do this, collaboration across the various stakeholder silos is necessary. The industry, however, is at the beginning stages of the discussion. Globally, the efforts are poor, and the U.S. is the only country currently putting significant energies into the matter.
However, awareness is growing, which will push spending on devices to triple globally by 2021, resulting primarily from dynamic U.S. public and private efforts in the space. A few companies are already fully embracing medical device cybersecurity.
These findings are from ABI Research’s Securing Medical Devices.