Healthcare IoT and medical device cybersecurity specialist, Cylera, has formed its first cybersecurity advisory council, bringing together leaders in cybersecurity to share insight and drive innovation to help tackle the myriad of security challenges facing today’s rapidly digitalizing healthcare sector.

As a critical infrastructure, healthcare remains a top target for cybercriminals with access to rich patient data and a potential to cause significant damage and disruption to patient care. This threat is ever greater with rising geopolitical tensions and potential state-sponsored attacks. In fact, 89% of US healthcare organizations experienced a breach last year, with some of these reportedly attacked an average of 43 times in those 12 months. More than 20% of these healthcare organizations reported increased patient mortality rates due to the breach, with delayed procedures and delayed medical tests the most common consequence. The average cost of a data breach in the global healthcare sector amounted to over $10 million last year according to IBM.

And the potential cybersecurity risk to the sector is anticipated to get worse with further digitalization. “Healthcare is undergoing a particularly dramatic digital transformation with accelerated spend in IoT expected to reach $54 billion by 2029,” says Timur Ozekcin, CEO of Cylera. “Already medical devices account for more than 30% of connected endpoints at hospitals with devices ranging from X-Rays and CT machines, mobile ultrasound machines, radiotherapy and chemotherapy devices plus online building systems and CCTVs. 

“Also, the number of remotely monitored patients has risen sharply in the past couple years. Connected environments are becoming increasingly more complex in healthcare and, with the sector planning further digital investment tens of thousands of more devices will join the IT networks, many of which could be a security risk, expanding a hospital’s attack surface for threat actors to exploit.

“Remote user access, unsegmented and potentially unmanaged networks, legacy operating systems, and limited visibility into IoT device risks are just some of the security challenges keeping healthcare leaders and heads of hospital IT awake at night as they try to navigate the complexities of today’s interconnected device landscape,” adds Timur.

The Cylera Cybersecurity Advisory Council is made up of select members and involves CISOs, CIOs, and CTOs from major healthcare providers and hospitals along with private sector companies. The Council will meet at least four times a year to share best practices and insight, and to address and tackle the unique security challenges of increasing complex interconnected healthcare systems.

One of the advisory council members, Brian Tschinkel, CISO at Weill Cornell Medicine, says, “Cyber threats to the healthcare sector are among the most sophisticated and targeted across any industry. Healthcare networks are incredibly complex with interconnected medical and IoT devices that caregivers rely on to deliver the highest level of care to their patients. It is mission critical for hospitals to have visibility of their attack surface and therefore visibility into all connected assets to help secure their organizations. I look forward to advising Cylera to help stay ahead of future cybersecurity challenges.”

The Cylera Cybersecurity Advisory Council will also guide Cylera in its global expansion plans and the latest innovations to its IoT device cybersecurity and intelligence platform. “Cylera is at the forefront of IoT cybersecurity,” adds Tomás Maldonado CISO at the NFL (National Football League) and Cylera Advisory Council member. “With increasing digitalization and rapid adoption of IoT devices across every industry, including sports and entertainment venues, it’s imperative to stay ahead of the cybersecurity risks to the connected devices that make up our new cyber-physical environments. I’m delighted to be working through the advisory council to help shape the future of Cylera on its mission to safeguard our connected world.”