Professional Documents
Culture Documents
Cybersecurity Vulnerabilities in Health Care: Medical Devices and the Internet of Things
Sarah Armenio
Start
1. Cybersecurity
vulnerability
detected and shared
among device
manufacturers
2. Determine which
devices and
software
components are
affected
3.Fix implemented
and software update
released
4. Software update
imported into
hospital s over-the-air
(OTA) server
6. Is there an
update available No End
for this device?
Yes
7. Download update
and store on device
Yes
8. Is device
currently being
used?
No
9. Implement
Update
End
Running head: CYBERSECURITY VULNERABILITIES IN HEALTH CARE
3
Step
ess
#2
are affected
Running head: CYBERSECURITY VULNERABILITIES IN HEALTH CARE
5
vulnerability
to be
exploited
3 Potential Cause(s) Slow Vulnerability Failure on
reaction from buried in code. developer to
manufacture No existing understand the
s on fix fixes or vulnerability.
workaround Poor
documentation
in reporting.
4 Severity Moderate Moderate Moderate
5 Probability Frequent Uncommon Uncommon
Running head: CYBERSECURITY VULNERABILITIES IN HEALTH CARE
6
6 Hazard Score 8 4 4
S
o
p
c
e
s
s
#
5
t
Running head: CYBERSECURITY VULNERABILITIES IN HEALTH CARE
7
(serious determine if
design flaw update is
in OTA available.
server)
3 Potential Cause(s) Design flaw Damaged or OTA server
in OTA worn out flash updated more
server memory. recently than
Firmware device
defects
4 Severity Minor Minor Minor
5 Probability Remote Uncommon Remote
6 Hazard Score 1 2 1
Running head: CYBERSECURITY VULNERABILITIES IN HEALTH CARE
8
S
o
p
c
e
s
s
#
8
t
Running head: CYBERSECURITY VULNERABILITIES IN HEALTH CARE
9
device implementation
between
download and
implementation
6 Hazard Score 1 2 1