The US government has allocated more than $50 million to develop tools for patching hospital systems. According to the Advanced Research Projects Agency for Health (ARPA-H), which is behind the plan, there are many obstacles to patching systems in hospitals and other healthcare facilities, increasing the risk of attacks.
For example, hospitals have to deal with a large number of devices, the number of IT resources available is limited and there is little room for downtime to test and roll out updates. “Despite the size of the cybersecurity industry, challenges in the healthcare sector are not being adequately addressed, even as more devices than ever are connected to networks,” ARPA-H said.
With the Universal PatchinG and Remediation for Autonomous Defense ( UPGRADE ) program, the government agency wants to develop a tool that can autonomously scan for vulnerabilities and roll out security updates or other solutions. This should prevent IT staff from having to work manually, while systems are protected. The idea is that the solution is developed jointly by manufacturers, cybersecurity experts and hospital IT staff.