data, and cybercriminals.
This book touches heavily on the technical aspects of protecting internet-connected medical devices, but its scope is much broader than that. It provides a larger legal, privacy, and threat landscape perspective, which completely shapes the context for why having insecure medical devices presents a challenge for today's hospitals.
What Does This Book Cover?
This book covers a broad range of subjects in and around the protection of data and the challenges related to IoMT.
Chapter 1: The Darker Side of High Demand This chapter sets the stage for why internet-connected medical devices are so insecure. It explores some of the chief drivers for today's healthcare and why healthcare tends not be overly focused on cybersecurity, historically speaking.
Chapter 2: The Internet of Medical Things in Depth This chapter dives into the technical side of internet-connected medical devices. It defines what is and is not an internet-connected medical device, and explores the larger context of those devices and how they fit together with other technologies.
Chapter 3: It Is a Data-Centric World This chapter explores many of the different facets of what is and is not medical data. The definition is often blurrier than we might expect, and the ramifications can be large—especially once big data is part of the overarching picture. The ramifications and risks are often not what they may seem.
Chapter 4: IoMT and Health Regulation This chapter covers how HIPAA and other regulations relate to the deluge of data created as a result of internet-connected medical devices. It also looks at the enforcement mechanisms related to HIPAA through the Office of Civil Rights.
Chapter 5: Once More into the Breach This chapter focuses on the actions of cybercriminals once they take initial steps into an organization. It covers why cybersecurity is so difficult with the vulnerabilities that internet-connected medical devices have and how attackers take advantage of those vulnerabilities.
Chapter 6: Say Nothing of Privacy This chapter explores the history and evolution of privacy and how that privacy relates to both HIPAA data and the proliferation of data relating to internet-connected medical devices. It also brings surprising ties to big data and the challenges to the data market.
Chapter 7: The Short Arm of the Law This chapter explores the global legal landscape and the related enforcement challenges and how that landscape only amplifies the challenges related to vulnerable internet-connected medical devices.
Chapter 8: Threat Actors and Their Arsenal This chapter explores, at a high level, the various threat actors, some of the characteristics of their arsenal, and why they are so effective at their tradecraft.
Chapter 9: Enter Cybersecurity This chapter provides an in-depth introduction to what cybersecurity is. It explores some of the basic tradecraft of cybersecurity and related disciplines.
Chapter 10: Network Infrastructure and IoMT This chapter explores what a network is, how it is set up, and some basic network architectures and tools that can be used to protect internet-connected medical devices from harm.
Chapter 11: Internet Services Challenges This chapter reviews some of the basic services of the internet and how those services relate to internet-connected medical devices.
Chapter 12: IT Hygiene and Cybersecurity This chapter describes the basics of IT hygiene, what it is, and why it is important. IT hygiene is also something that is not possible with internet-connected medical devices, which brings increased risks to those devices.
Chapter 13: Identity and Access Management This chapter explores the complex world of identity and access management. It touches on the technology, the governance, the challenges that many internet-connected medical devices have, and how internet connected medical devices affect the security posture of organizations.
Chapter 14: Threat and Vulnerability This chapter explores the various tools and techniques related to discovering vulnerabilities within an environment and the associated challenges with internet-connected medical devices.
Chapter 15: Data Protection This chapter explores some basic data protection strategies, governance, and tools related to protecting data. It has ties back to privacy, big data, IT, and other considerations.
Chapter 16: Incident Response and Forensics This chapter explores incident response and forensics from a disciplinary perspective and how internet-connected medical devices can be a challenge to the two disciplines.
Chapter 17: A Matter of Life, Death, and Data This chapter takes a step back from the details of cybersecurity to examine how all of the cybersecurity considerations fit into the bigger governance frameworks and why decision-making can be so challenging.
Chapter 18: Seeds of Change This chapter explores some of the changes we need to better protect internet-connected medical devices. It explores everything from decision-making processes to hospitals, supply and demand, and so on.
Chapter 19: Doing Less Harm This chapter covers some strategies that we can focus on to optimize the overall balance between competing needs related to securing internet-connected medical devices.
Chapter 20: Changes We Need Despite the many we have talked about, there are still fundamental changes that need to take place in order to better protect hospitals, data, and internet-connected medical devices.
How to Contact the Publisher
If you believe you've found a mistake in this book, please bring it to our attention. At John Wiley & Sons, we understand how important it is to provide our customers with accurate content, but even with our best efforts an error may occur.
To submit your possible errata, please email it to our Customer Service Team at [email protected] with the subject line “Possible Book Errata Submission.”
How to Contact the Author
We
