{"title":"与临床医生合作伙伴平衡患者安全、临床疗效和网络安全。","authors":"Joseph Schneider, Axel Wirth","doi":"10.2345/0899-8205-55.1.21","DOIUrl":null,"url":null,"abstract":"Where We Stand Today Cybersecurity events affecting healthcare organizations are in the news with increasing frequency, indicating their growing impact and expanse. We have seen incidents ranging from breaches affecting millions of patient records to attacks shutting down hospitals across the country, with at least one of them tragically contributing to the death of a patient. Most recently, the Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation, and Department of Health & Human Services (HHS) issued a joint warning about the healthcare industry being a target of expanding ransomware activity. Meanwhile, ransom financial demands are rising and adversaries are resorting to increasingly brazen methods, including exfiltrating data and extorting patients. COVID-19 has accelerated the trend toward connectivity in healthcare. We have added remote workers and remote patients using telehealth services and are placing devices in patients’ homes, offering a wide range of attack opportunities as critical data are transmitted across home and public networks. Healthcare is now taking place in a much more complex and highly accessible space, offering rich data and a growing attack surface. With the rapidly evolving, increasingly connected information technology (IT) infrastructure and growth of cyberthreats, healthcare is facing a perfect storm. The danger is exacerbated by the fact that we are no longer dealing solely with individual hackers but mainly with well-resourced cybercriminal organizations, as well as politically and economically motivated adversaries (e.g., nation-states, cyber terrorists). Global economic losses due to cyber incidents are estimated to be in the $3-trillion range and are expected to reach $6 trillion in 2021 and $10.5 trillion by 2025. Healthcare organizations are expected to spend $125 billion on cybersecurity over the next 5 years. It is imperative that healthcare improve its cyber defenses and “cyber culture.” This includes expanding our understanding of cyber risks, better defining what we must protect, learning how to protect it in ways that support efficient workflows and safety, and instilling good user cyber behavior. IT security and clinical engineering cannot do this alone. To develop a safe and effective path forward, we also need cyber-savvy clinicians working as partners to ensure that clinical needs are met in security decisions. This article proposes an approach and explores how we might achieve this.","PeriodicalId":35656,"journal":{"name":"Biomedical Instrumentation and Technology","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2021-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8641426/pdf/i0899-8205-55-1-21.pdf","citationCount":"4","resultStr":"{\"title\":\"Balancing Patient Safety, Clinical Efficacy, and Cybersecurity with Clinician Partners.\",\"authors\":\"Joseph Schneider, Axel Wirth\",\"doi\":\"10.2345/0899-8205-55.1.21\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Where We Stand Today Cybersecurity events affecting healthcare organizations are in the news with increasing frequency, indicating their growing impact and expanse. We have seen incidents ranging from breaches affecting millions of patient records to attacks shutting down hospitals across the country, with at least one of them tragically contributing to the death of a patient. Most recently, the Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation, and Department of Health & Human Services (HHS) issued a joint warning about the healthcare industry being a target of expanding ransomware activity. Meanwhile, ransom financial demands are rising and adversaries are resorting to increasingly brazen methods, including exfiltrating data and extorting patients. COVID-19 has accelerated the trend toward connectivity in healthcare. We have added remote workers and remote patients using telehealth services and are placing devices in patients’ homes, offering a wide range of attack opportunities as critical data are transmitted across home and public networks. Healthcare is now taking place in a much more complex and highly accessible space, offering rich data and a growing attack surface. With the rapidly evolving, increasingly connected information technology (IT) infrastructure and growth of cyberthreats, healthcare is facing a perfect storm. The danger is exacerbated by the fact that we are no longer dealing solely with individual hackers but mainly with well-resourced cybercriminal organizations, as well as politically and economically motivated adversaries (e.g., nation-states, cyber terrorists). Global economic losses due to cyber incidents are estimated to be in the $3-trillion range and are expected to reach $6 trillion in 2021 and $10.5 trillion by 2025. Healthcare organizations are expected to spend $125 billion on cybersecurity over the next 5 years. It is imperative that healthcare improve its cyber defenses and “cyber culture.” This includes expanding our understanding of cyber risks, better defining what we must protect, learning how to protect it in ways that support efficient workflows and safety, and instilling good user cyber behavior. IT security and clinical engineering cannot do this alone. To develop a safe and effective path forward, we also need cyber-savvy clinicians working as partners to ensure that clinical needs are met in security decisions. This article proposes an approach and explores how we might achieve this.\",\"PeriodicalId\":35656,\"journal\":{\"name\":\"Biomedical Instrumentation and Technology\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2021-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8641426/pdf/i0899-8205-55-1-21.pdf\",\"citationCount\":\"4\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Biomedical Instrumentation and Technology\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.2345/0899-8205-55.1.21\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"Medicine\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Biomedical Instrumentation and Technology","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.2345/0899-8205-55.1.21","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"Medicine","Score":null,"Total":0}
Balancing Patient Safety, Clinical Efficacy, and Cybersecurity with Clinician Partners.
Where We Stand Today Cybersecurity events affecting healthcare organizations are in the news with increasing frequency, indicating their growing impact and expanse. We have seen incidents ranging from breaches affecting millions of patient records to attacks shutting down hospitals across the country, with at least one of them tragically contributing to the death of a patient. Most recently, the Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation, and Department of Health & Human Services (HHS) issued a joint warning about the healthcare industry being a target of expanding ransomware activity. Meanwhile, ransom financial demands are rising and adversaries are resorting to increasingly brazen methods, including exfiltrating data and extorting patients. COVID-19 has accelerated the trend toward connectivity in healthcare. We have added remote workers and remote patients using telehealth services and are placing devices in patients’ homes, offering a wide range of attack opportunities as critical data are transmitted across home and public networks. Healthcare is now taking place in a much more complex and highly accessible space, offering rich data and a growing attack surface. With the rapidly evolving, increasingly connected information technology (IT) infrastructure and growth of cyberthreats, healthcare is facing a perfect storm. The danger is exacerbated by the fact that we are no longer dealing solely with individual hackers but mainly with well-resourced cybercriminal organizations, as well as politically and economically motivated adversaries (e.g., nation-states, cyber terrorists). Global economic losses due to cyber incidents are estimated to be in the $3-trillion range and are expected to reach $6 trillion in 2021 and $10.5 trillion by 2025. Healthcare organizations are expected to spend $125 billion on cybersecurity over the next 5 years. It is imperative that healthcare improve its cyber defenses and “cyber culture.” This includes expanding our understanding of cyber risks, better defining what we must protect, learning how to protect it in ways that support efficient workflows and safety, and instilling good user cyber behavior. IT security and clinical engineering cannot do this alone. To develop a safe and effective path forward, we also need cyber-savvy clinicians working as partners to ensure that clinical needs are met in security decisions. This article proposes an approach and explores how we might achieve this.
期刊介绍:
AAMI publishes Biomedical Instrumentation & Technology (BI&T) a bi-monthly peer-reviewed journal dedicated to the developers, managers, and users of medical instrumentation and technology.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
