Nearly three out of four hospitals in the US do not have a designated security person, according to a report by the US Department of Health and Human Services. The shortage of cybersecurity talent is a problem across all sectors, with 25% of businesses taking six months to fill a security role, and many hospitals in smaller areas are struggling to find and retain qualified security staff due to financial hardships and location. Some hospitals are even designating nurse practitioners or employees with little IT experience as security officers.
Dispersed responsibility, lack of asset inventory is causing gaps in medical device cybersecurity
Witnesses at a House hearing on medical device cybersecurity highlighted the need for better tracking of devices and their vulnerability to cyber threats. They noted
