November 16, 2023. The EU-funded CYMEDSEC Horizon Europe project, launched in Berlin on November 3, will create new cybersecurity standards based on the security-by-design approach, gather evidence from the field and create a risk/benefit toolbox for industry and regulators. The project consortium brings together regulatory, cybersecurity, technology and patient care experts to develop secure solutions for Internet of Medical Things (IoMT) devices over four years.
Categories
Tags
Contact info
Silicon Saxony
Marketing, Kommunikation und Öffentlichkeitsarbeit
Manfred-von-Ardenne-Ring 20 F
Fax: +49 351 8925 889
Contact person:
In recent years, the healthcare sector has emerged as a prime target for cyberattacks. Startling statistics from 2022 show that 35% of all cyberattacks were targeted at the healthcare industry – a worrying trend that continues to grow. On average, the cost of a data breach in healthcare is estimated at $7.13 million, the highest of any industry. The impact on patient privacy and the financial stability of healthcare providers is profound and raises urgent concerns about cybersecurity in the healthcare sector.
Cybersecurity is not just about protecting data, but also about ensuring the confidentiality, integrity and availability of medical digital services. At a time when the healthcare supply chain is vulnerable to cybercrime, the question is not if, but when, the next cyberattack will occur. Navigating the complex regulatory requirements can be a daunting challenge, but the need to transition to better processes for regulatory oversight and a security-by-design model has never been more important.
One of the most pressing issues is the security of digital medical devices, of which there are currently over 2 million different types in use with an average age of 14 years. Experts estimate that 75% of these devices are at risk of a cybersecurity breach.
“Nevertheless, IoMT devices are becoming increasingly important for healthcare,” explains Stephen Gilbert, Professor of Medical Device Regulatory Science at TU Dresden and coordinator of the project, “during the Covid pandemic, remote monitoring of patients became crucial. Patients were able to leave hospital early and be monitored in their own homes. However, this requires that the remote monitoring devices work securely and are systematically protected against hacker attacks or malware.”
Intelligent, adaptable and evidence-based regulatory approaches that are based on real-world application scenarios are essential.
As part of CYMEDSEC, the Barkhausen Institute will further develop its secure-by-default computer architecture and operating system platform for use in medical devices. The research will focus on the development of hardware and software building blocks for secure communication and software update processes required for secure and maintainable IoMT systems. The Barkhausen Institute is also researching methods for detecting malicious changes to hardware circuitry during manufacturing to ensure that no “Trojan horses” can hide in medical devices.
The CYMEDSEC consortium consists of the Technical University of Dresden, the Vrije University of Brussels (Belgium), the Barkhausen Institute (Germany), the Athena Research Center (Greece), the Casa Sollievo della Sofferenza Foundation (Italy), Secunet (Germany), Particle Summary (Portugal), the Espirito Santo Hospital in Evora (Portugal), the ICONS Foundation (Italy), Umana Medical Technologies (Malta), Austrian Standards International (Austria) and Medisanté (Switzerland).
– – – – – – –
Photo: Barkhausen Institute
