医疗设备中的网络安全漏洞:一个复杂的环境和多方面的问题。
Cybersecurity vulnerabilities in medical devices: a complex environment and multifaceted problem.
作者信息
Williams Patricia Ah, Woodward Andrew J
机构信息
eHealth Research Group and Security Research Institute, Edith Cowan University, Perth, WA, Australia.
出版信息
Med Devices (Auckl). 2015 Jul 20;8:305-16. doi: 10.2147/MDER.S50048. eCollection 2015.
The increased connectivity to existing computer networks has exposed medical devices to cybersecurity vulnerabilities from which they were previously shielded. For the prevention of cybersecurity incidents, it is important to recognize the complexity of the operational environment as well as to catalog the technical vulnerabilities. Cybersecurity protection is not just a technical issue; it is a richer and more intricate problem to solve. A review of the factors that contribute to such a potentially insecure environment, together with the identification of the vulnerabilities, is important for understanding why these vulnerabilities persist and what the solution space should look like. This multifaceted problem must be viewed from a systemic perspective if adequate protection is to be put in place and patient safety concerns addressed. This requires technical controls, governance, resilience measures, consolidated reporting, context expertise, regulation, and standards. It is evident that a coordinated, proactive approach to address this complex challenge is essential. In the interim, patient safety is under threat.
与现有计算机网络连接的增加,使医疗设备面临以前未曾遇到过的网络安全漏洞。为预防网络安全事件,认识运营环境的复杂性并梳理技术漏洞很重要。网络安全保护不仅仅是一个技术问题;它是一个更丰富、更复杂的待解决问题。审视导致这种潜在不安全环境的因素,并识别漏洞,对于理解这些漏洞为何持续存在以及解决方案应是什么样至关重要。如果要提供充分保护并解决患者安全问题,就必须从系统角度看待这个多方面的问题。这需要技术控制、治理、恢复措施、综合报告、背景专业知识、监管和标准。显然,采取协调一致的积极方法应对这一复杂挑战至关重要。在此期间,患者安全受到威胁。
Zotero 插件