Editor’s Note: This content is contributed by Chetan Khona, Director, Industrial, Vision, Healthcare & Sciences at Xilinx
Before you read on, four worldwide events are now open for registration, with San Jose and Munich locations featuring sessions on Industrial and Healthcare IoT security. Register today!
From our friends at Cyber Defense Magazine, here are a few notable cybersecurity statistics for 2019:
- In most cases, it takes half a year to detect a data breach
- Over 75% of the healthcare industry has been infected with malware over the last year
- 95% of cybersecurity breaches are due to human error—phishing attacks are the most common cybersecurity attack
Plan for security over the full product lifecycle
Security, privacy, and safety are all intermingled, especially when it comes to industrial and healthcare assets that interface with people and process personal or corporate information. Going beyond those well-understood dynamics, here’s the real conundrum: because these systems are expensive, they are expected to last a long time. However, the security protections of your system at the time of deployment are unlikely to be sufficient 5, 10, 15 years later due to the evolving nature of cyberthreats.
There are many examples that highlight the cybersecurity risks associated with Healthcare IoT from altering the amount of anesthesia or medication delivered to patients to altering medical imaging records:
- https://www.bbc.com/news/technology-48935111
- https://www.bbc.com/news/technology-41242354
- https://www.bbc.com/news/technology-47812475
Multiple, Independent Layers of Security are a Must
Security architects have a toolbox they use, with the concept of multiple, independent layers of security being one of the long-standing axioms of the security world. As the old saying goes, “if the camel gets his nose under the tent, soon the camel will be in the tent.” In this example, imagine a tent covering a brick house and inside the house is a Brinks truck. Firewalls, VPNs, multi-factor authentication, and other security tools are great, but at the deepest level of a system—the embedded electronics, you need more than a Brinks truck, you need an adaptable embedded software and hardware platform that can keep up with the aforementioned evolving threats that span across supply chain to boot to runtime and communications. This is why cybersecurity is one of the foundational items of the Xilinx Industrial and Healthcare IoT solutions stack.
The solutions stack represents, from the silicon up to the application layer, common elements of Industrial and Healthcare IoT systems, which by the way, Xilinx has invested in developing world-class solutions for, some ourselves, some in partnership with other thought leaders in the industry.
Start your Embedded Cybersecurity Journey
Whether you support industrial or healthcare applications, we urge you to check out (and share with colleagues) both whitepapers written by Xilinx cybersecurity experts:
Industrial IoT cybersecurity paper: https://www.xilinx.com/support/documentation/white_papers/wp513_iec62443.pdf
Healthcare IoT cybersecurity and safety paper: https://www.xilinx.com/support/documentation/white_papers/wp511-risk-mgmt.pdf
Additionally, here’s a recent article on Xilinx cybersecurity solutions: https://www.cbronline.com/opinion/industrial-cybersecurity-embedded-hardware
Because there is so much more to discuss, not only with existing FPGA and SoC products but also with Xilinx’s new 7nm Versal ACAP (adaptive compute acceleration platform) products, we encourage you to attend, free of charge, Xilinx’s annual security working group (XSWG) multi-day events with three locations in North America and one in Europe*. The San Jose and Munich locations will feature sessions on Industrial and Healthcare IoT security.
Let’s end like we started, with some statistics: Did you know that last year, there were approximately 600 attendees across the four locations with about 60% repeating attendees. The devoted following XSWG has earned is mainly due to its technical information, hands-on labs, and market insights. Each year, despite the addition of more venues and larger rooms, the events are booked to capacity, so please register early!
*Active NDA required to attend.
Original Date: 08-07-2019