Medical Devices: Addressing VulnerabilitiesPhilips Health Tech's Minatee Mishra Stresses the Need for Software Updates
Hospitals need to improve their efforts to update the software in their medical devices to minimize vulnerability to malware, says Minatee Mishra, lead engineer, security center of excellence, at Philips Health Tech, India.
A medical device typically has a lifespan of 10 years, Mishra explains in an interview with Information Security Media Group. "Because of this phenomenon, what we see is that in hospitals you would find medical devices which have an obsolete OSS still running," she says.
In many cases, IT departments are reluctant to update the devices, she points out. "Hospital staff would not like to upgrade a hospital's MRI system because it's a critical thing," she says. "But if you do not update these devices, they become [vulnerable] to malware, which can then spread to the hospital network.
this interview (see audio link below image) at ISMG's recent Fraud and Breach Prevention Summit in Bengaluru, Mishra also discusses:
- The security challenges of medical devices;
- How much IoT security impacts the healthcare industry;
- The privacy challenges in the industry.
Mishra leads the security center of excellence at Philips HealthTech, India, a medical device manufacturer, and has been instrumental in setting up the SCoE within Philips. The SCoE is a central organization responsible for work in the field of security testing. Mishra has 18 years experience in software design, architecting, and security.