Key questions about cybersecurity in the medical device industry: Q&A with GlobalData thematic analyst

Alexandra Murdoch has been an analyst on the medical devices team since July of 2021. She currently leads the medical themes team, and prior to that she led the wound care management, neurology, diagnostic imaging, and dental therapy areas. Prior to joining GlobalData, Alexandra completed a master’s degree in Health Information Science.

Alexandra Murdoch: Since the start Covid-19, virtual medicine, digital health and remote patient monitoring devices are more popular. The rise of digital health devices happened quite quickly to ease wait times and reduce crowds in hospitals and other healthcare institutions, and there wasn’t always time to address the cybersecurity challenges that come with using these devices. The increased use of technologies such as cloud increased the potential attach surface and technology security teams did not have time to install adequate security defences.

Alexandra Murdoch: Medical device companies can defend themselves against cyber threats through investing in cybersecurity measures. There is cybersecurity hardware which includes chip-based security, protecting chips from cyberattacks. There is also cybersecurity software, which includes identity management, network security, endpoint security, threat detection and response, cloud security, data security, email security, application security, unified threat management, and vulnerability management. Medical device companies should evaluate different types of cybersecurity measures and determine which are best for their devices to ensure they can prevent cyber threats.

Alexandra Murdoch: The largest change in recent years is the use of digital health tools. Digital health tools are used in multiple therapy areas, including diagnostic imaging, healthcare IT, patient monitoring, and more. The widespread use of these devices and the quick adoption due to Covid-19 has made it challenging to keep up with the cybersecurity needs. Additionally, with changing software, some cybersecurity measures previously put into place can no longer be used. For example, in diagnostic imaging there are many older, legacy devices that are no longer compatible with the technology being used in hospitals alongside these devices. This has resulted in certain devices lacking software updates and going without adequate cyber protection.

Alexandra Murdoch: Cybersecurity innovation is doing relatively well at keeping up with evolving threats so far. That being said, technology is advancing so quickly that it is hard to say what the future holds for cybersecurity and how well innovation will keep up. With artificial intelligence advancing in healthcare and digital health devices, the cybersecurity landscape could look very different in a couple years’ time.

Alexandra Murdoch: Medical device companies are investing more time and money in cybersecurity in recent years, but again because of the rapid adoption of various digital health tools in recent years, many companies have catching up to do. The medical industry deals with a lot of sensitive data including patient data, and cyberattacks can threaten devices and quality of care. Because of the risk cyberattacks pose in medical, companies should be investing considerable amounts into cybersecurity.

GlobalData, the leading provider of industry intelligence, provided the underlying data, research, and analysis used to produce this article.    

GlobalData’s Thematic Intelligence uses proprietary data, research, and analysis to provide a forward-looking perspective on the key themes that will shape the future of the world’s largest industries and the organisations within them.