The rapid evolution of the Internet of Things (IoT) and Operational Technology (OT) is transforming industries, especially in critical sectors like healthcare. While these innovations promise enhanced efficiency and connectivity, they also expose organisations to a broader and more complex cybersecurity threat landscape. With quantum computing on the horizon, the stakes have never been higher. Andrew Sheedy from Entrust, in a recent webinar, highlighted the urgent need for a proactive shift towards post-quantum (PQ) cryptography and Zero Trust frameworks.

The Past: Lessons in Legacy Cryptography

In his discussion, Sheedy explained the vulnerabilities of classical cryptography in a quantum-enabled future. Traditional RSA and ECC algorithms, fundamental to current public key infrastructure (PKI), will be rendered obsolete by quantum computing. “By 2031,” he warned, “quantum computers will likely break what we rely on today for public key encryption.” This echoes the long migration timeline of SHA-1, where vulnerabilities persisted years after new standards were introduced. The lesson is clear: organisations cannot afford a slow response to emerging threats.

The Present: IoT/OT in Healthcare Under Siege

Cyberattacks on IoT/OT devices in healthcare have surged, with a 60% increase in attacks in 2023 alone. From ransomware targeting medical IoT devices to breaches exposing sensitive patient data, the sector faces unique challenges due to the long lifecycle of its connected devices. Sheedy emphasised the “harvest now, decrypt later” threat, where attackers exfiltrate encrypted data today, banking on quantum technology to decrypt it in the future. In healthcare, this could compromise everything from electronic health records to connected surgical equipment.

The Future: Building Quantum-Resilient Infrastructures

As organisations grapple with these challenges, Sheedy underscored the importance of transitioning to quantum-safe cryptography. He advocated for a structured approach:

1. Establish Crypto Agility: Organisations must map their cryptographic inventory and adopt flexible frameworks capable of incorporating new algorithms without massive overhauls.
2. Leverage Hybrid Solutions: Entrust is pioneering solutions like hybrid certificates, which enable a smooth transition by supporting both classical and quantum-safe algorithms.
3. Adopt Zero Trust Principles: Sheedy remarked, “You cannot have a robust Zero Trust strategy without addressing post-quantum cryptography vulnerabilities.”

The Quantum and IoT/OT Security Intersection

The IoT/OT landscape is particularly vulnerable due to its reliance on long-life connected devices. These devices often lack the computational power to support quantum-safe cryptography. In healthcare, where a single compromised device could jeopardise lives, adopting quantum-resilient measures is non-negotiable.

Statistically, the numbers are sobering:

• By 2025, the IoT/OT cybersecurity market is projected to reach $51.4 billion as industries rush to safeguard their infrastructure.
• Over 70% of IoT devices currently lack basic security features, making them prime targets for quantum-enabled threats.

A Collaborative Effort

Sheedy aptly noted, “This is not a one-person problem. Engage your software vendors, supply chains, and ecosystem partners early and often.” Collaboration across industries and geographies is key to ensuring global interoperability and standardisation of quantum-safe practices.

Conclusion

As the quantum era approaches, organisations must act now to future-proof their IoT/OT ecosystems. The healthcare sector, with its critical dependence on IoT devices, has much to lose but also the opportunity to lead in adopting post-quantum security measures. Embracing innovation, fostering collaboration, and prioritising agility will define the winners in this high-stakes cybersecurity race.

Want to dive deeper into the challenges and opportunities of IoT/OT security in healthcare? Watch the full webinar, IoT and AI in Healthcare: A Prescription for Innovation, featuring insights from Andrew Sheedy of Entrust. Discover how cutting-edge technologies are shaping the future of connected healthcare and learn actionable strategies to enhance your organization’s security and efficiency.

Watch the Full Webinar Now

Don’t miss this opportunity to gain expert knowledge and practical tips from industry leaders!