This audio was created using Microsoft Azure Speech Services
The rapid proliferation of the internet of things (IOT) across the healthcare industry has brought along with it both unprecedented data access and analysis benefits, as well as new categories of operational risk. On the one hand, healthcare professionals can leverage innovations such as “big data” and edge computing to make faster and more accurate decisions. On the other hand, as more connected IoT devices spread across the healthcare facility, the potential cyberattack surface for hackers − who are instigating operational disruptions and demanding ransomware payments − expands.
According to the Ponemon Institute, 75% of global healthcare organizations have experienced cyberattacks. The HiPAA Journal Online has also reported that, in 2020, healthcare facilities in the United States experienced a 25% increase in cyber breaches over the previous year. As a result, many healthcare facility operators recognize the need to redouble their efforts to protect patients, staff, medical equipment assets, IT equipment, and operational infrastructure such as power, cooling, and ventilation systems from cyberattacks.
Edge computing as a strategy to combat cyberattacks
One of the innovative ways that hospital staffs can lower the risk of damaging cyberattacks is through the deployment of edge computing systems. Edge computing can take many forms but, in general, it usually consists of on-premise computing via distributed servers, sensors, and/or micro data centers, and other devices that can function independently or in conjunction with the cloud.
In traditional settings, hospitals collect data in a large, centralized, on-premise data center, and the operators hope the data remains self-contained and not exposed to potential hackers. However, data is generated and collected on the periphery (e.g., nursing stations, radiology departments, operating rooms) of the data center, and protecting that data on its way to the centralized data center can be problematic. Also, most current hospital systems don’t utilize modeling or AI to try and predict where cybersecurity gaps exist. One of the unique advantages of edge computing is the ability to analyze data close to the source of data generation so that cybersecurity threats can be quickly detected and mitigated.
The benefits of edge computing also include bandwidth savings, real-time processing of local data, reduced operational expenses, reduced network latency, and enhanced patient safety. Healthcare IT departments are finding that edge computing benefits far outweigh the potential drawbacks (such as more systems to manage and cybersecurity protection).
IT departments short on staff may struggle to keep up with edge computing maintenance activities such as infrastructure monitoring. That’s why most gravitate towards the deployment of remotely managed security and environmental monitoring solutions for their edge deployments.
Edge systems are distributed − separate departments such as power management, HVAC, planning systems, medical equipment, resources, and building automation can have their own edge system – so it becomes much easier, from a cybersecurity perspective, to segment the various networks. This network layer is important to protect because it’s where devices communicate and turn data into information that facilitates accurate and fast decisions.
The practice of network segmentation, in the context of cybersecurity, implies building protective virtual fences by splitting the hospital networks into zones so that, if a breach occurs, the damage is limited to the subnetwork as opposed to the entire network. In a network segmentation scenario, if a hacker successfully attacks an aging Windows server operating the building management system, for example, the upstream analytics and downstream individual devices would still be protected.
New generation products and edge system management tools also bolster cybersecurity
One of the best ways to manage edge computing systems is through the deployment of remote monitoring software. For example, software packages like Schneider Electric’s EcoStruxureTM IT automatically collect critical infrastructure sensor values regularly and submit that data to a centralized data lake in the cloud. That data is then pooled with data collected from thousands of other Schneider Electric customer sites.
Once in the data lake, asset behavior across many equipment brands and multiple sites is compared. All actions taken in response to alarms are tracked using data on equipment behavior before and after an incident. This output provides a clear record of actions and their consequences, positive and negative. Such data pool correlation offers a deeper understanding of the root causes of problems. It can generate predictive reports that advise operators regarding which actions to take before problems result in unanticipated downtime.
Skilled IT staff are in short supply, especially in smaller, more rural hospitals, so many healthcare facility operators are turning to managed service providers (MSPs) who are trained and who possess the level of expertise needed to remotely monitor edge computing IT, power, and cooling. Using the monitoring technology, they can reduce the need to travel on-site for troubleshooting, thereby saving overall maintenance costs. They can also implement predictive maintenance practices by capturing warning signs of anomalies (like internal temperatures that are exceeding pre-set thresholds or behavioral anomalies) and addressing issues before they result in unanticipated downtime.
In addition, when identifying edge software and hardware products, seek out solutions that are developed and manufactured with a Secure Development Life Cycle (SDL) approach. Product managers and engineers perform secure architecture reviews, test potential threats through modeling of the conceptual security design, follow secure coding rules, use specialized tools to analyze code, and perform security testing of each product. These actions help to ‘harden’ products, making them more resilient against cyber-attacks. In this way, as new products replace old, entire systems evolve to become more cyber secure.
For more information on lower cybersecurity risks
To learn more about how remote monitoring and management solutions help healthcare IT teams to better support edge systems and help combat cybersecurity threats, visit the EcoStruxure IT web page.
