When it comes to the Internet of Things (IoT), security concerns should be at the top of everybody’s mind. IoT security flaws have resulted in widespread Internet outages in the past, but that’s only a minor concern compared to what could go wrong: medical IoT devices, like smart infusion pumps, could literally put lives at risk if they are hacked. When it comes to IoT in healthcare, proper security is a necessity for patient safety.
One company working to address the life-threating security risks of medical IoT devices is ZingBox, which recently closed its Series B funding round for $22 million. This capital will go toward further development of ZingBox’s IoT Guardian security solution.
IoT Guardian takes a novel approach to IoT security, and is based on device personality. Using machine learning algorithms, IoT Guardian automatically builds a profile of IoT devices, classifying and categorizing them as it learns their behavior. With this unique understanding of each device in a network, IoT Guardian can identify anomalous behavior, assess security risks, and alert operators of suspicious activity.
“The need to gain a deeper understanding of the unique individual personalities of IoT devices remains a foreign concept to many,” said ZingBox CEO Xu Zou. “Unfortunately, you need to understand the device personalities to gain accurate visibility and protection.”
This need is further highlighted by the results of a recent ZingBox survey, which found that 90 percent of health-care IT networks include IoT devices. The survey also revealed that 76 percent of health-care IT professionals feel confident in the security of their devices, although ZingBox has demonstrated that this confidence is undeserved. Specifically, at DefCon’s IoT Village last month, ZingBox security expert Daniel Regalado gave a presentation describing how to hack a leading model of infusion pump.
“This is a tremendous opportunity to raise awareness of health-care organizations regarding their perception of security and their need to consider modern techniques such as cloud, machine learning and real-time remediation across an organization's entire IoT footprint,” said ZingBox CTO May Wang.“IoT requires a more thorough approach to constantly monitor for deviations in behavior and provide alerts for suspicious behavior."
If there are any IoT engineers left who don’t take security seriously, ZingBox’s findings should provide them with a wake-up call. For designers of medical IoT devices in particular, security vulnerabilities are simply unacceptable. If the potential loss of life isn’t enough of a deterrent, class action lawsuits and the loss of engineering licenses could await any engineers who fail to consider proper security measures.