Device Security: The State of the ArtExpert Kevin Fu on How to Mitigate Today's Top Vulnerabilities
It's been a hot topic for years, but we are still only in the earliest stages of ensuring medical device security, according to expert Kevin Fu of Virta Laboratories. In this video interview, Fu discusses the top security gaps and how to mitigate them.
To start with, Fu says, many healthcare organizations simply have the wrong mindset, i.e. "Will hackers disrupt someone's pacemaker?"
"We tend to focus on the most sensational [aspects], as opposed to the most important, in terms of patient outcomes," Fu says. "So although I think improving the security of some of these easy-to-relate-to-the-public scenarios is important, the real problem is much more basic."
The key questions to answer are: Will the devices be working all the time? Will they be available to help deliver treatment?
"It's not necessarily hackers breaking into medical devices that's the biggest problem," Fu says. "There's much more low-hanging fruit, such as how to ensure that hospitals stay online."
In this interview at Information Security Media Group's recent Healthcare Security Summit in New York, Fu discusses:
- Myths and realities of medical device security;
- How to articulate the business risk of device security;
- What he envisions as the 2017 medical device security agenda.
Fu is associate professor of electrical engineering and computer science at the University of Michigan, where he directs the Archimedes Research Center for Medical Device Security. Previously, he served as an associate professor of computer science and adjunct associate professor of electrical and computer engineering at the University of Massachusetts, Amherst. Fu also has served as a visiting scientist at the Food and Drug Administration, the Beth Israel Deaconess Medical Center, Microsoft Research and Massachusetts Institute of Technology Computer Science and Artificial Intelligence Lab. He's also founder, CEO and chief scientist at malware-detection startup firm Virta Laboratories.