80% of medtech firms suffered a cyber attack in the past five years

Survey finds that just 18% of organizations believed their medical device security was strong

CAT scan machine with IoT markings in the foreground

Medical internet of things (IoT) devices promise great benefits, but companies working with them must tighten their cyber security, according to new research from Irdeto.

The security company surveyed senior executives at Fortune 1000-sized US-based companies working in the medical device sector to assess their cyber security stance.

Responses to the survey suggested a high level of confidence in medical IoT security among just one in five companies, with 18% believing their medical device security was strong. Slightly fewer (13%) believed they were well-prepared to mitigate future risks, while 18% weren’t prepared at all.

These responses correlated with the rate of reported security incidents. The survey found 80% of companies suffered at least one cyber attack in the past five years, with over two-thirds (67.5%) sustaining multiple attacks.

Poor cyber security is often linked to a lack of visibility, as you can’t manage what you can't see. Most companies (78%) found device inventory management problematic, often because of bureaucracy. Many failed to patch the devices they could see, warned the report. And if they did patch them, they used inefficient and possibly dangerous methods, such as passing patches around on USB keys.

Related Resource

Security analytics for your multi-cloud deployments

IBM Security QRadar SIEM solution brief

Security analytics for your multi-cloud deployments - whitepaper from IBMDownload now

Most companies want to mitigate their medical device cyber security problems by turning to the cloud, with 48% advocating for this solution. This clashes with a separate Trend Micro survey that revealed significant cloud adoption challenges, including privacy and security concerns.

When assessing the importance of cyber security, companies concentrated heavily on compliance rather than the risk of business disruption or financial losses. Of the respondents, 80% cited regulatory requirements as a driving factor for cyber security, with just over two-thirds pointing to brand protection as an issue. Only 2.5% worried about ransomware or financial losses.

Understanding those regulations was not universal, with 40% saying they had a good handle on new cyber security rules. Another 45% said their cyber security knowledge was adequate. A worrying 15% claimed to have no knowledge of regulations at all. Some companies were escalating regulatory compliance to board level, while others called in their legal teams. Other companies working with medical devices focused on external help.

Featured Resources

B2B under quarantine

Key B2C e-commerce features B2B need to adopt to survive

Download now

The top three IT pains of the new reality and how to solve them

Driving more resiliency with unified operations and service management

Download now

The five essentials from your endpoint security partner

Empower your MSP business to operate efficiently

Download now

How fashion retailers are redesigning their digital future

Fashion retail guide

Download now

Recommended

Most employees put their workplace at risk by taking cyber security shortcuts
cyber security

Most employees put their workplace at risk by taking cyber security shortcuts

27 Jul 2021
Unilabs to deploy Ibex’s AI-assisted cancer diagnostic platform across Europe
artificial intelligence (AI)

Unilabs to deploy Ibex’s AI-assisted cancer diagnostic platform across Europe

21 Jul 2021
Telepresence medical robot market set to reach $159.5 million by 2028
automation

Telepresence medical robot market set to reach $159.5 million by 2028

19 Jul 2021
AWS launches HealthLake to help health care organizations query medical data
big data

AWS launches HealthLake to help health care organizations query medical data

16 Jul 2021

Most Popular

Samsung Galaxy S21 5G review: A rose-tinted experience
Mobile Phones

Samsung Galaxy S21 5G review: A rose-tinted experience

14 Jul 2021
Salesforce's $28bn Slack acquisition: What's next for workplace collaboration?
collaboration

Salesforce's $28bn Slack acquisition: What's next for workplace collaboration?

22 Jul 2021
One third of cyber security pros report experiencing workplace harassment
Careers & training

One third of cyber security pros report experiencing workplace harassment

22 Jul 2021