Health area is a big target to cyberattacks to the information they cover. The application of technologies in healthcare can offer numerous advantages, but it is also necessary to reflect that by using these technologies we are putting the systems in danger and open to vulnerabilities and attacks. Rising Cybersecurity Incidents in Health Care Industries is high concern around the globe. Cybersecurity in Healthcare are very important due to their criticality for people’s well-being and safety. As healthcare devices continue to evolve, so does their interconnectivity expose to cyber threats and it introduces new CS vulnerabilities. In recent years Many CS attack happened include stealing health information, ransomware attacks, and could include attacks on implanted medical devices. Breached had impact huge financial loss, image and reputation loss, end up with legal issues, weaken patient trust, cripple health systems and threaten human life.
It is imperative that time and funding is invested in maintaining and ensuring the protection of healthcare technology and the confidentially of patient information from unauthorized access. the case study will address recent CS incidents, risk associated with interconnected medical devices and describes the most current and common cybersecurity threats to health care organizations.

What Is Cyber Security?
Cyber security is the practice of protecting systems, human resources, and physical assets from attacks. Attacks exploit common vulnerabilities or weaknesses. Malicious code is then delivered to access, change, steal, ransom, or destroy sensitive information. In some cases, the goal of a cyber attack is to disrupt or bring down a network and its business operations.


1.ANALYSIS OF THREATS:
Medical devices include infusion pumps, insulin pumps, patient monitors, medical lasers, heart-lung machines, imaging systems (PET, CT, etc.), ventilators and extracorporeal membrane oxygenation machines, to name a few. Each room includes at least one infusion pump and multiple monitors, because infusion pumps and monitors are connected to a specific patient and have a direct impact on a patient’s care, as compared to other medical devices, it is imperative that these types of medical devices are protected (Mike Miliard, 2016). Insulin or infusion pumps are medical devices that pose a higher security risk not only are these pumps connected to a specific patient for the entire hospital stay, but insulin and infusion pumps can also be hijacked to deliver a different dose than prescribed (either lower, higher or no dose at all). This could potentially lead to patient death or injury (O’Brien et al., 2018).

2.Incidents – WannaCry

The 17th April 2018. WannaCry was the biggest cyber-attack affected the NHS. The WannaCry attack led to nearly 20,000 cancelled hospital appointments. NHS hospitals were paralyzed by their inability to identify impacted devices. Consequently, these NHS hospitals were unable to provide care to their patients. The PAC report found the Department of Health and Social Care (DHSC) and NHS bodies had been "unprepared" for the global WannaCry attack, which happened in May and affected more than 200,000 computers in at least 100 countries. “A cyber-attack is a weapon which can have a huge impact on safety and security.” It needs to be treated as a serious, critical threat. The rest of government could also learn important lessons from WannaCry (William Smart, 2018).

Ransomware is one of the most prevalent and costly security incidents that a business can experience. These types of malware are commonly spread by social engineering techniques, such as phishing, and deny business access to mission-critical files and data.
Ransomware attacks primarily target businesses and public institutions like cities and hospitals. These attacks use tailored pretexts to trick targets, enabling them to infect and encrypt endpoints and spread across the network. The cost of a successful ransomware attack can be in the millions.
Ransomware attacks are expensive but preventable. Putting mechanisms in place to detect, prevent, and mitigate attacks can help ensure that an organization is not the victim of an expensive attack.

3.Strategies for Minimizing Exposure

a) The five key functions identified in the NIST Cyber Security Framework (NIST, n.d.) as follows:
(1) Identify—Develop the organizational understanding to identify and manage cybersecurity risks to systems, assets, data and capabilities, based on the findings of a comprehensive risk management assessment consistent with the unique requirements of the organization;
(2) Protect—Develop and implement the appropriate safeguards to ensure delivery of essential services, and to limit or contain the impact of a potential cyberattack;
(3) Detect—Develop and implement the appropriate activities to identify the occurrence of a cybersecurity event, such as continuous security monitoring and detection processes;
(4) Respond—Develop and implement the appropriate activities to take action in connection with a detected cybersecurity event, such as those identified in an established response plan;
(5) Recover—Develop and implement the appropriate activities to maintain plans for resilience and to restore any capabilities or services that were impaired due to a cybersecurity event.
b) Cybersecurity Risk Management program (NIST, 2018) which include the following key elements:
(1) Monitoring cybersecurity information sources for identification and detection of cybersecurity, vulnerabilities and risk.
(2) Understanding, assessing and detecting presence and impact of a vulnerability.
(3) Establishing and communicating processes for vulnerability intake and handling.
(4) Clearly defining essential clinical performance to develop mitigations that protect, respond and recover from the cybersecurity risk.
(5) Adopting a coordinated vulnerability disclosure policy and practice.
(6) Deploying mitigations that address cybersecurity risks early and prior to exploitation.