Closing healthcare’s critical cybersecurity chasm
As healthcare and hospitals become increasingly connected, they also become more vulnerable to a cyberattack. “Connected medical devices aren’t just some of the most vulnerable end points in any IT environment, they’re among the least secured,” says Nikos Papadakis, a senior R&D project manager at Space Hellas. While a cyberattack on any IT system can have devastating consequences, when they happen in healthcare, they can have a direct impact on patient safety. For example, a cybercriminal can take over and exploit any medical device connected to a hospital’s network, from MRI machines to electric wheelchairs.
Software solutions designed to protect networked medical devices
Helping to close healthcare’s critical cybersecurity chasm is the EU-funded SEPTON(opens in new window) project. Coordinated by Space Hellas, the project has developed a suite of integrated software solutions specifically designed to protect networked medical devices. “Our solutions cover everything from securing implantable and wearable devices and assessing vulnerabilities to detecting anomalies, sharing information about threats, and delivering hardware-level protections,” adds Papadakis.
Tried and tested in actual healthcare organisations
While each of the project’s tools addresses a distinct layer of medical device security, they all communicate through the SEPTON Dashboard. “By bringing our tools together under one roof, we give healthcare IT teams a practical and usable interface from which they can monitor, manage and moderate security across their entire medical device network,” explains Papadakis. What makes the SEPTON Dashboard particularly unique is its use of such emerging technologies as artificial intelligence (AI), blockchain, hardware acceleration, and formal protocol verification. For example, the multi-agent anomaly detection tool, developed in the project, uses AI to identify unusual network behaviour, while another module uses blockchain infrastructure to implement privacy-preserving data handling. The dashboard has also been validated via real pilot deployments. “The fact that these tools were tested and validated by actual healthcare organisations using real-world security scenarios means we aren’t delivering theory, but tangible and actionable solutions,” remarks Papadakis.
A ready-to-use cybersecurity toolkit
SEPTON has set a new benchmark for healthcare cybersecurity. “By combining cutting-edge technologies into a unified and intuitive dashboard, SEPTON provides healthcare with a holistic, ready-to-use cybersecurity toolkit for protecting networked medical devices,” concludes Papadakis. Although the project itself is now finished, researchers continue to advance the SEPTON solutions. They are also contributing to EU-level guidance on medical device cybersecurity using evidence gathered during the pilot actions. With much of its research made available via open access publications(opens in new window), the project also laid a foundation from which other companies and projects can build, ultimately making Europe’s healthcare community – and patients – more cybersafe.