As the internet of medical things grows, the delivery of care moves beyond the four walls of a hospital, and patients become more engaged and accountable. Device manufacturers must be wary of this impending shift because experts predict that there will be between 20 and 30 billion devices within IoMT by 2020, making first-to-market pressures even greater. Above all, medical device manufacturers that rush to drive innovation can’t forget about one of the most important considerations with lasting consequences: device security.
This precaution isn’t “new” news by any standard — security is undoubtedly a hot topic that has found its way into war rooms and boardrooms. For device manufacturers, this means aligning priorities with customers’ needs and giving every device its own secure identity. But administrative stressors exist, including R&D budgets intended strictly for product development and stringent compliance requirements. Implementing a strategy that elevates digital security into production can often be a challenge as a result.
We were interested in quantifying the size and scope of these challenges, so we recently partnered with the Ponemon Institute and produced a study, “The Impact of Unsecured Digital Identities,” (registration required) in which we gathered input from 600 IT professionals across the U.S. The results reinforced exactly what we predicted: Lack of attention and investment in digital identity management is putting deployed technologies at risk.
Finding the dollars for digital security
One of the most interesting discoveries was that organizations spend $18.2 million on IT security annually, yet allocate only 14% to public key infrastructure. Additionally, 65% of respondents are adding layers of encryption to comply with regulations and policies, and 63% say additional certificates are increasing operational costs. These results imply that independent budgets are often standard practice and additional dollars are hard to come by. Decision-makers need to consider more creative ways to use long-term, security-centric funding. It can be as simple as incorporating a separate line item for security investments or as intricate as entrusting capital to a specialized department that can be activated as needed.
Budget investments that prevent catastrophe
Respondents experienced an average of five failed audits or compliance in the past two years, with a 42% likelihood that incidents like these will occur over the next two years. Not enough to drive organizational change? How about a price tag of $14.4 million being tied to failed audits and/or compliance from insufficient management practices? The study confirms that failed audits and lack of compliance are one of the costliest and most serious threats to an organization’s ability to minimize risk.
All IoT Agenda network contributors are responsible for the content and accuracy of their posts. Opinions are of the writers and do not necessarily convey the thoughts of IoT Agenda.