Hardware Hacking in Healthcare: Expert Insights
John Shegerian, Co-Founder, Chairman and CEO of ERI recently shared expert insights in the presentation, The Insecurity of Everything: Hardware Hacking Trends.
Data security regulations now exist in all fifty states, federally, and internationally. Risks are universal as all businesses and individuals including healthcare professionals utilize devices that retain data that becomes vulnerable to cybercriminals. The healthcare industry and hospitals are increasingly at risk for ransomware and other types of cyberattacks. Several recent examples illustrate the risks and repercussions that result from a combination of inadequate resources and a lack of clear and effective cybersecurity guidelines.
The pandemic has amplified many of the cyber risks associated with breaches and hardware hacking in healthcare. According to Shegerian, “Many of you are working from home or working in some sort of hybrid situation. We’ve learned that due to COVID, people started working for home without all the guardrails that are typically set up by CTOs in hospitals and healthcare settings. Workers at home unfortunately, started using their personal hardware, tablets, cell phones, laptops, desktops, for business purposes, and their business hardware, for personal purposes, it just happens when we have time crunches, when something breaks down, and we must go to a backup plan. That means there’s a cross contamination when data from one platform gets on to another. There’s a cross contamination of your personal data onto your professional hardware. And vice versa. This means if you work for a healthcare organization, or agency, and you believe there’s a chance that you’ve had cross contamination, which I’d be shocked if there wasn’t please adhere to the protocols provided by your Chief Technology Officer. Make sure data and devices are responsibly destroyed when it comes to end of life, not put on eBay or Craigslist.”
To learn more, please stay tuned for John’s future podcast with host Catherine Short on 1st Talk Compliance.