technology
Dual responsibility
While integration is beneficial , strategic segmentation ensures that , even if one system is compromised , the ripple effect is contained .
5 . Implement multifactor authentication ( MFA ): simple username-password combinations are no longer enough . By integrating MFA , access to critical systems can remain restricted even if credentials are compromised .
Michael Murphy outlines six key steps to upgrading security measures . Picture : Supplied
Global best practices can help providers bolster OT infrastructure security
By Michael Murphy
As the world becomes increasingly digitised , the convergence of operational technology ( OT ) with traditional enterprise IT networks is inevitable . This allows aged care providers to better adapt to changing work environments and to harness the power of a connected world . However , while such integration unlocks efficiency and innovation , it also introduces challenges .
Historically , legacy healthcare OT systems have enjoyed a certain degree of security due to an ‘ air gap ’, which physically isolated these systems from other networks , minimising cyber threats . However , as OT and IT networks intertwine , the air gap is shrinking , causing previously siloed departments to face unprecedented vulnerabilities .
The situation becomes increasingly complex with the surging adoption of Internet of Things ( IoT ) and Internet of Medical Things ( IoMT ) devices across both OT and IT domains . Every additional device connected to the network – from medical equipment to communications systems – widens the attack surface .
This expansive linked environment provides ample opportunities for potential attackers to exploit vulnerabilities , shifting the discourse from the possibility of an attack to the certainty of one unless comprehensive measures are taken .
For aged care providers , the urgency cannot be understated . Disruptions in OT systems can lead to lifethreatening situations , meaning it ’ s vital that organisations enhance the security and resilience of their systems . By implementing global best-practices ,
28 agedcareinsite . com . au aged care facilities can effectively guard against cyber risks to ensure that residents receive uninterrupted care , even as digital threats evolve .
There are six key steps that aged care providers can take to bring global best practices to a local level :
1 . Embrace a holistic approach : organisations should view OT and IT as part of an integrated system , instead of separate entities . This requires a security strategy that encompasses the entirety of the institution ’ s digital infrastructure , ensuring that there are no weak points for cyberattackers to exploit .
2 . Continuous monitoring and assessment : the threat landscape is rapidly evolving , and periodic security assessments aren ’ t enough . Real-time monitoring tools that offer insights into the network ’ s health , detecting anomalies and preventing breaches before they wreak havoc , are essential .
3 . Educate and train staff : human error remains a significant vulnerability . By training staff on best practices – including recognising phishing attempts and maintaining a strict protocol around password management and device usage – organisations can drastically reduce the risk of inadvertent security lapses .
4 . Prioritise network segmentation : keeping critical OT systems segmented from the broader network can reduce the risk of a potential breach spreading .
“
As OT and IT networks intertwine , the air gap is shrinking , causing previously siloed departments to face unprecedented vulnerabilities
6 . Stay updated : regularly updating software , firmware , and security patches ensures that known vulnerabilities are addressed . Cyber adversaries often exploit outdated systems , so staying current is a fundamental defence mechanism that should not be overlooked .
Aged care providers hold a dual responsibility to residents to provide quality care while securing sensitive personal and health data . A cyber breach in OT systems not only undermines trust , but also carries legal and reputational risks , affecting long-term resident satisfaction and institutional credibility .
OT systems are a vital part of care across the healthcare industry , and any disruption can result in catastrophic life-threatening outcomes , such as malfunctioning equipment . As technology advances in healthcare – including telemedicine and real-time monitoring – securing OT is no longer just about preventing disruptions , it ’ s also about empowering seamless innovation , shaping the future of aged care without the constant threat of cyberattacks .
The road to robust OT security in aged care is ongoing : as the environment adapts and changes , so , too , must the protective measures . By embracing global best-practices and fostering a culture of continuous improvement and vigilance , aged care organisations can pave the way for a future where operational continuity and resident safety are never compromised . ■
Michael Murphy is the head of operational technology and critical infrastructure at Fortinet