There were 2,686 software vulnerabilities across the top 20 products in the May through July time frame, according to the Quarterly Vulnerability Update by Flexera Software’s Secunia (News - Alert) Research. But, interestingly, it was a health care system that was most at risk early this summer, the firm reported.
“Usually, widely familiar enterprise and personal applications like web browsers, operating systems, PDF readers and all kinds of desktop and data center software from big vendors like Oracle, IBM (News - Alert), Microsoft, and others show up in these reports,” wrote Nicole Segerer of Flexera Software in a recent blog.. “In the May to July 2016 timeframe, however, the application with the highest number of software vulnerabilities was Philips (News - Alert) Xper Connect, a hospital information system.”
Kasper Lindgaard, director of Secunia Research at Flexera Software noted that the health care industry is a key target for hackers, who sometimes turn around and the sell the information they’ve captured on the black market. He added that the Internet of Things opens the door even wider for potential health care-related hacks.
That’s a real problem, especially given that health care is among the key verticals in which the IoT is taking off.
As Homaira Akbari (News - Alert), the founder, president, and CEO of strategic advisory services company AKnowledge Partners, noted in the third quarter 2016 issue of IoT Evolution magazine: “The next big market is health care.”
Indeed, in announcing its acquisition of Withings this April, network infrastructure giant Nokia (News - Alert) noted that health care is expected to be one of the largest vertical markets in the IoT, with analysts forecasting that mobile health, with a compound annual growth rate of 37 percent, will be the fastest growing health care segment from 2015 to 2020. (Withings is a company based in France that sells such products as activity trackers, blood pressure monitors, thermometers, and more.)
That said, IoT device makers and systems providers need to focus more on securing their endpoints, networks, and larger solutions; software suppliers should track which customers are using which software versions so they can more quickly notify them of vulnerabilities and provide them to patches; and enterprises should monitor their software for vulnerabilities and mitigate them, Segerer noted.
Edited by Maurice Nagle