The CERT Division of Carnegie Mellon's Software Engineering Institute has released its list of 10 technologies emerging in the next five years with the greatest vulnerabilities in terms of cybersecurity, finance, personal health and safety.
For the healthcare industry, two of these developing technologies have the greatest risk in these areas: augmented reality and smart medical devices.
"It's sort of a rat race, to look at the emerging technology, find areas at risk and direct your research efforts toward prevention," Christopher King, vulnerability analyst at CERT, told Healthcare IT News.
For the 2016 Emerging Technology Domains Risk Survey, King and his colleagues examined about 2,000 emerging technologies to arrive at a list of 10 with the highest potential risk.
Sign up for the Healthcare IT News Privacy & Seurity Update newsletter.
Healthcare's greatest challenge is that "anything that can be networked is being networked," according to King.
Some of these devices, however, weren't designed to be connected to the Internet. Smart medical devices, for instance, were traditionally not developed to be networked, he said. Manufacturers added in the network port to add value to their products with remote monitoring and other features.
"The problem is these hospital networks are very complex," said King. "Many devices are connected, and it's hard to see where everything is. Plus, these devices have really poor security and are difficult to update."
Although the FDA has recently established rules about how these devices need to be built to protect against a cyberattack, in King's experience, many developers are hesitant to adopt the rules as it's financially difficult.
Augmented reality, meanwhile, allows providers to see a live direct or indirect view of a physical environment augmented by computer-generated sensory input – sound, video or graphics, for instance.
[Also: CISOs: Healthcare's new rock stars. Special report: Ransomware to get worse, hackers targeting whales, IoT opens new vulnerabilities]
According to King, this provides a lot of "extra rich data to surgeons," but it increases the risk for the patient.
"Surgeons take information from the AR and trust the data," King said. "But if something like false information is inserted into the program, they can make a decision based on potentially bad data."
These technologies may still be emerging, but they'll be commonplace soon enough, he said.
"As a society, we're moving from reliance upon technology into dependence. From a cybersecurity perspective, it makes us victims. Cybersecurity is going to get worse before it gets better."
Twitter: @JessieFDavis
Email the writer: jessica.davis@himssmedia.com
