TRENDING:

Endpoint Security , Governance & Risk Management , Internet of Things Security

Addressing IoT, OT Security Risks in Healthcare

Chris Frenz of Mount Sinai South Nassau on Emerging Cyber Challenges Marianne Kolbasuk McGee (HealthInfoSec) • August 12, 2021    
Chris Frenz, assistant vice president of IT security, Mount Sinai South Nassau

OT and IoT devices can pose patient safety concerns in healthcare environments, says Chris Frenz, an IT security leader of Mount Sinai South Nassau, a 455-bed teaching hospital in New York.

See Also: LIVE Webinar | Stop, Drop (a Table) & Roll: An SQL Highlight Discussion

"There's a ton of IoT devices and OT equipment within a hospital, and a lot of those can impact patient care," Frenz says in a video interview with Information Security Media Group.

"People often think of IoT devices as security cameras and things like that - and hospitals do have challenges keeping those secure," he says. "But there is also a lot of OT equipment, such as things that control your HVAC systems or pressure sensors in various rooms … like isolation rooms, to keep either negative or positive pressure, depending on the patient's condition.

"If that pressure isn't kept at the appropriate level because it becomes malware-infected or the system goes down due to a ransomware attack, that has patient safety, as well as employee safety, risks," says Frenz, who is a speaker at the Healthcare Information and Management Systems Society 2021 conference in Las Vegas this week.

In this video interview, Frenz also discusses:

  • Reducing security risks for legacy medical devices;
  • Security incidents involving critical supply chain partners;
  • His organization's top security projects and priorities in the months ahead.

Before joining Mount Sinai South Nassau last year, Frenz was CISO at Interfaith Medical Center in Brooklyn. He has applied the "zero trust" model in healthcare and worked on medical device security.

Previous
Accenture Hit by Apparent Ransomware Attack
Next
Zero Trust and the Critical Role of Strong Authentication

About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.



Around the Network

Are We Doomed? Not If We Focus on Cyber Resilience
Are We Doomed? Not If We Focus on Cyber Resilience
The Persisting Risks Posed by Legacy Medical Devices
The Persisting Risks Posed by Legacy Medical Devices
Organization-Wide Passwordless Orchestration
Organization-Wide Passwordless Orchestration
Showing Evidence of 'Recognized Security Practices'
Showing Evidence of 'Recognized Security Practices'
David Derigiotis on the Complex World of Cyber Insurance
David Derigiotis on the Complex World of Cyber Insurance
Whistleblowing Brings Visibility to the Role of CISOs
Whistleblowing Brings Visibility to the Role of CISOs
Aité-Novarica's Cybersecurity Impact Award
Aité-Novarica's Cybersecurity Impact Award
How 2U Inc. Is Fortifying Its Systems and Solutions Designs
How 2U Inc. Is Fortifying Its Systems and Solutions Designs
Protecting the Hidden Layer in Neural Networks
Protecting the Hidden Layer in Neural Networks
Craig Box of ARMO on Kubernetes and Complexity
Craig Box of ARMO on Kubernetes and Complexity

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.