Preventing digitally sourced patient harm: managing cyber risk throughout digitally-enabled medical devices' life cycle
2024-09-27 , Bradman Theatrette

Mainstream narrative within the cyber security industry tells us that financial loss, legal exposure, and organisational reputational damage are the most serious impacts that we can expect from malicious cyber activity.

However, when examining the role that digital technologies play within delivering life-saving medical care via digitally-enabled medical devices, we begin to realise that the consequences of unmanaged cyber risk within this context can be literally life-threatening.

Nick Baty will discuss why taking a 'whole-of-lifecycle' based approach is the only proportionate way to managing cyber security risk associated with digitally-enabled medical devices. This session will cover off:

o What is a digitally-enabled medical device (it's not always what you think)?;
o Cyber threats facing digitally-enabled medical devices today, and what the impact can be;
o Recent examples of digitally-enabled medical device compromises;
o What is meant by a 'life-cycle' based approach?;
o How might it be implemented, and what are the challenges facing adoption?; and
o How can cyber security professionals support the adoption of this approach in their own small way

Nick joined the Bastion Security Group in December 2021 and is based in Dunedin. However, he has over 18 years’ security experience in both private and public sector organisations.

Nick’s area of expertise are in:
• cyber security ‘thought-leadership’,
• cyber security governance,
• virtual Chief Information Security Officer engagements,
• undertaking cyber security risk and maturity assessments,
• cyber strategy and policy development,
• cyber security work-program development,
• cyber security supply chain management,
• executive cyber security support,
• cyber security user awareness training delivery,
• cyber security in the health sector,
• cyber risk management across the lifecycle of digitally-enabled medical devices, and
• cyber security in the financial services sector.

Key cyber security leadership roles Nick held prior to joining Bastion Security were:
• Chief Cyber Security Adviser: Ministry of Health (MoH); and
• Team Leader - Outreach & Engagement: National Cyber Security Centre.

From a health sector context, Nick’s role at MoH was responsible for driving an increase in the cyber security maturity of the whole of the New Zealand health and disability sector (public and private).

Nick also has many other achievements he is proud of, which can be seen below:
• Navigator Professional Leadership Programme: Outward Bound (2016),
• New Leaders Development Programme: Melbourne Business School (2018),
• NZITF conference speaker (2022),
• Institute of Directors Company Director’s Course (2023), and
• Christchurch Hacker’s Conference speaker (2023).