Why OT Security Keeps Some Healthcare Leaders Up at NightAli Youssef of Henry Ford Health on Risks Posed by Nonmedical Connected Gear
It's not just medical device cybersecurity that's keeping some healthcare security leaders up at night - it's also the risks posed by other critical connected gear that patients and clinicians depend upon, said Ali Youssef, director of medical device and emerging tech security at Henry Ford Health System.
For instance, security incidents, such as attacks that affect the proper functioning of operational gear and other devices, can pose threats to patients; safety and well-being, he said in an interview with Information Security Media Group conducted at the recent HIMSS cyber forum in Boston.
"If you're dealing with a temperature system or an HVAC system - in the context of an operating room, that could be a life-critical situation," he said. "If the humidity and the temperature are not just right, it can have severe ramifications."
In this audio interview with Information Security Media Group (see audio link below photo), Youssef also discussed:
- Top frustrations involving the cybersecurity of legacy medical devices;
- The potential impact of the Food and Drug Administration's "refuse to accept" policy that beginning Oct. 1 will require manufacturers to include cybersecurity details in medical device submissions to the agency (see: FDA Finalizes Guidance Just as New Device Cyber Regs Kick In);
- Other regulatory mandates that might be necessary to improve the state of medical device cybersecurity in health delivery organizations.
Youssef has over 22 years of experience in biomedical engineering and healthcare IT. He has written on mobility and medical device security and co-authored the book "Wi-Fi Enabled Healthcare" in 2014. Youssef is a HIMSS Fellow and serves on the AAMI Healthcare Technology Leadership Committee.