By Tim Nissen, 3 January 2017
The European Union Agency for Network and Information Security (ENISA) recently published their official guidance on Securing Smart Hospitals and Securing Smart Airports; these are available to the public and free to download from the ENISA website. Both reports were produced by Trilateral Research’s Consultancy team, as part of their ongoing work for ENISA on smart infrastructures.
The Smart Airport report contains guidance for airport decision makers on implementing good practices within their environments, so as to enhance the security of both passengers and the airport operations. It contains the output of a detailed analysis and threat mapping process undertaken by our researchers, whereby vulnerabilities of smart airport components were highlighted. Also developed within this report were specific attack scenarios, constituting salient tools for underlining the risks involved in integrating smart components into the traditional airport IT systems which acts to increase the attack surface open for exploitation.
Smart Hospitals evolve when Internet of Things (IoT) components are integrated into existing infrastructures to support the core functions of a hospital. The resulting intersection of various stakeholders, numerous interconnected assets and high flexibility requirements, blurs organisational boundaries and creates new levels of complexity. Given the nature of assets at stake (patient life, sensitive personal information and financial resources) information security is a key issue for smart hospitals. The guidance produced by Trilateral for ENISA contains recommendations for stakeholders including hospital executives and industry representatives on good practices in enhancing information security in smart hospitals.