Healthcare CSOs and security teams tasked with safeguarding internet of medical things (IoMT) devices and equipment will find themselves up against more challenges than their security counterparts working in other industries. Understanding why that is – and then developing a strategy specific to web-connected medical devices – is key to reducing risk.
When it comes to the step-by-step device vulnerability management process of identifying, classifying, prioritizing, remediating and mitigating issues, the IoMT presents more significant obstacles at every stage.
Whereas industrial or commercial implementations often use many of the same IoT sensors or devices across their environment, a typical IoMT environment includes a far larger and more heterogeneous mix of technologies (a mix that almost always includes legacy solutions).
Simply scanning devices to identify issues is not an option. Many legacy IoMT devices cannot tolerate a scan and will crash. Classification and prioritization are also more challenging because IoMT device manufacturers publish an average of 2000-3000 vulnerabilities monthly. A good manufacturer patches only about 1 in 50 of their vulnerabilities […]