Author: Luke Smith, Sr. Director of Solutions Engineering, Asimily


The Internet of Medical Things (IoMT) arguably stands alone when it comes to the threshold of comprehensive IoT security that healthcare delivery organizations must continually meet. Hospitals, physician practices, and integrated delivery systems need to not only keep their own organizations’ Web-connected devices and equipment always compliant and secure, but they also must ensure patient safety isn’t at risk (and avoid the significant reputational harm that comes from a public breach).

Adding to this challenge is that healthcare organizations tend to deploy uniquely heterogeneous fleets of IoMT devices that contain higher volumes of particularly vulnerable legacy devices. No other industry harnessing IoT capabilities has stakes as high as healthcare, nor such challenging obstacles. As a result, healthcare security teams must carefully craft approaches to address and mitigate certain risks that simply don’t exist in other modern IoT implementations.

There are three key points to understand when building an effective IoMT vulnerability management and security strategy. First, because they face thousands of new vulnerabilities every month, IoMT security teams must pick their battles. Second, managing high device churn means introducing security from the moment of adoption. And third, security leaders must form collaborative teams of experts to manage myriad high-risk devices []