Author: Constancio Fernandes, VP of Engineering, Asimily

The security teams at healthcare systems tasked with safeguarding massive fleets of medical IoT devices are used to getting a heavy dose of cybersecurity patch advisories—the challenge is what to do next.

There has been no shortage of these urgent alerts flagging complex IoMT device vulnerabilities over the past few years, from the aptly named Urgent/11 to SweynTooth, GRUB2, and countless others. However, those alerts don’t offer security teams any insights into the actual risk posed to their healthcare organizations. In fact, it’s usually not even clear which internet-connected devices the known vulnerabilities impact, or how critical it is to take action and mitigate those issues.

Security and IT teams grappling with the nuances of securing IoMT vulnerabilities must overcome four specific challenges including:

1) A Clear Understanding that the IoMT is Unique.

IoMT security has its own unique set of factors unlike those in any other IoT-saturated industry.

These connected medical devices can affect patient health and the integrity of clinical operations. Even monitoring devices with no internal data storage or ability to impact patients can serve as entry points for dangerous attacks. And, tight regulations on IoMT manufacturers and their devices mean that directly applying patches isn’t even always an option. 

Organizations usually react to cybersecurity alerts by taking steps to recognize and patch endpoints and servers endangered by vulnerabilities. However, the pace and quantity of new vulnerabilities are overwhelming. In practice, security teams must address tens of thousands of vulnerabilities—which affect their thousands of devices—with the limited resources at their disposal. The challenge for the security team becomes accurately prioritizing its focus to zero in on vulnerabilities that actually present urgent risks.

2) Organizations Often Can Only Patch IoMT Device Vulnerabilities at Their Own Risk.

[…]