Consequences of bad security in health care

Thursday 5 October 14:00 - 14:30, Red room

Jelena Milosevic (Independent security researcher)

Hospitals can be attractive places for hackers. With access to critical medical records and personally identifiable information, there is great opportunity to exploit patients. Health care workers are very busy and, more often than not, there is not a lot of interest in computer security. Privacy and the protection of computer records sometimes gets put on the back burner, and caring for the devices used in hospitals is an after-thought, meaning that computers and other devices are not updated in a timely manner and are prone to vulnerabilities.

This presentation will showcase what security problems we face and what the consequences can be. As a nurse I face these challenges daily. I see vulnerabilities on all levels and in all roles and locations in the hospital – in software, devices, and with humans. The consequences of bad security are huge and can cause harm both to the patient and to employees. Criminal behaviour can go unnoticed for long periods. Without proper security controls patient records can be manipulated. You can imagine the consequences; they can happen.

My goal is to create awareness so that we can build an environment in which health care workers can help the patient not only to regain their health, but to be assured their information and records are secure. Security needs to be built from the ground up so that employees understand the risks at all levels and can do all they can to protect the patient. We must build awareness programmes and develop processes and procedures that are possible to follow, thereby creating a higher level of security to ensure that our patients are not in danger.

This presentation will expose the risks and vulnerabilities in hospitals and aims to start driving the discussion and generation of ideas for procedures to avoid the dangerous pitfalls that put lives in peril. My goal is to ensure that we create a safe and secure environment for our patients and employees.

 

Jelena-Milosevic-web.jpg 

Jelena Milosevic

Jelena Milosevic is a paediatrician and ICU nurse with a lot of experience, having worked at many different hospitals in the Netherlands since 1995, and before that having spent 10 years working in the ICU at the University Children's Hospital in Belgrade.

Over the past three years Jelena has been active in the infosec community and has been applying her infosec knowledge to the healthcare world in order to help improve security for both patients and medical staff. Jelena is a member of the I Am The Cavalry group and a part of the Women in Cyber network.



Register.jpg

VB2017 OVERVIEW

WHY ATTEND

SPEAKERS

PROGRAMME

REGISTER NOW!

VENUE

BOOK HOTEL

VB2017 DRINKS RECEPTION

VB2017 FOOSBALL TOURNAMENT

2017 PÉTER SZŐR AWARD


Other VB2017 papers

The state of cybersecurity in Africa: Kenya

Tyrus Kamau (Euclid Consultancy)

The cyber threats Kenya faces range from basic hacking such as website defacements, financial fraud, social media account…

Walking in your enemy's shadow: when fourth-party collection becomes attribution hell

Juan Andres Guerrero-Saade (Kaspersky Lab)
Costin Raiu (Kaspersky Lab)

Attribution is complicated under the best of circumstances. Sparse attributory indicators and the possibility of overt…

Keynote address: Inside Cloudbleed

John Graham-Cumming (Cloudflare)

In February 2017, Cloudflare was revealed to have been leaking private information including HTTP headers, cookies and POST data…