Vital Signs, Vulnerable Systems: Defending IoMT in Modern Healthcare
In early 2024, a significant cyberattack on Lurie Children’s Hospital in Chicago forced the entire institution offline for weeks. The incident postponed surgeries, delayed treatments, and severed access to patient records. This starkly demonstrated the real-world consequences of a healthcare cyber failure. This event is not an outlier but a powerful example of the challenges involved in securing IoMT (the Internet of Medical Things) in an increasingly connected world.
Medical devices are becoming increasingly interconnected. This trend creates substantial security risks for items like infusion pumps, monitors, and wearables. The ENISA Threat Landscape for Health report identified ransomware, data-related threats, and misconfigurations as top concerns for the sector. The integration of IoMT devices improves patient care and operational efficiency, but it also exposes a vast ecosystem of sensitive Protected Health Information (PHI) to new threats. Many of these devices were not designed with security as a primary feature, making them particularly vulnerable.
Consequently, healthcare delivery organizations (HDOs) must move beyond reactive measures. Adopting a proactive, layered security strategy is essential to protect patient data, ensure regulatory compliance with standards like HIPAA, and maintain the fundamental trust between patients and providers.
The Expanding Security Perimeter of the IoMT Ecosystem
The IoMT is the reality of modern healthcare. It includes medical devices, their networks, and the backend systems processing their data. While interconnectivity greatly improves patient care, it also introduces major cybersecurity risks. These risks can severely impact patient health and safety.
The challenge of securing IoMT is compounded by several factors unique to the healthcare environment:
- Legacy and Unpatchable Devices: Many critical medical devices have long lifecycles and may run on outdated operating systems that vendors no longer support. This makes patching—a fundamental aspect of cyber hygiene—incredibly difficult, if not impossible.
- Lack of Asset Visibility: Large HDOs can have tens of thousands of connected devices. Without a centralized and automated inventory, security teams cannot protect what they cannot see. This lack of visibility is a critical blind spot in many security programs.
- Shared Responsibility Gaps: Security is a shared responsibility between HDOs, device manufacturers, and even patients. However, a lack of clear communication and coordination can lead to dangerous security gaps, particularly during device procurement and deployment.
- Weak Default Configurations: Many IoMT devices are shipped with weak or default credentials. If these are not changed during deployment, they create an open door for malicious actors to exploit.
Top 4 IoMT Vulnerabilities and How to Address Them
Effectively securing IoMT requires a deep understanding of the specific vulnerabilities that attackers exploit. Based on guidance from industry reports and standards bodies like NIST, HDOs must prioritize addressing the following weak points.
1. Inadequate Asset Inventory
An inability to track all connected hardware and software makes it impossible to manage vulnerabilities or respond effectively to threats. HDOs often struggle with “shadow IoMT,” devices connected to the network without the knowledge of the IT or security teams.
This creates unmonitored entry points for attackers. A comprehensive and continuous approach to Asset Inventory and Management is the foundational first step. This involves automated discovery tools that can identify, classify, and monitor every device, from MRI machines to clinician tablets.
2. Poor Patch and Vulnerability Management
Viewing patching as a disruption rather than essential “preventive maintenance” leaves critical systems exposed. With thousands of known vulnerabilities, prioritizing which to fix first is a major hurdle. A risk-based approach is essential. Instead of a “patch everything” mindset, organizations should focus on the most critical threats to their specific environment. For unpatchable legacy devices, compensating controls like network isolation become crucial. Effective Posture and Vulnerability Management helps automate this process, reducing the window of opportunity for attackers.
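As an added illustration of points 1 and 2 above (not code from the original article), the following Python reconciles a registered inventory against devices discovered on the network, flags shadow IoMT, and ranks remediation by a risk heuristic that routes unpatchable legacy devices to compensating controls. The device records, CVSS values and weighting factors are constructed assumptions, not a published standard.

```python
from dataclasses import dataclass

@dataclass
class Device:
    device_id: str
    kind: str
    vendor_supported: bool   # does the vendor still ship patches for its OS?
    max_cvss: float          # worst known vulnerability score (constructed value)
    touches_phi: bool        # does the device store or transmit PHI?
    network_zone: str        # "flat" (reachable by anything) or "segmented"

# Constructed sample data: what the HDO has registered vs. what discovery saw on the wire.
REGISTERED = {"pump-001", "mri-01", "tablet-17"}
DISCOVERED = [
    Device("pump-001", "infusion pump", True, 7.5, True, "flat"),
    Device("mri-01", "MRI console", False, 9.8, True, "flat"),      # unsupported OS
    Device("tablet-17", "clinician tablet", True, 4.3, True, "segmented"),
    Device("cam-99", "unknown camera", True, 6.1, False, "flat"),   # shadow IoMT
]

def find_shadow_devices(discovered, registered):
    """Devices present on the network but absent from the asset inventory."""
    return [d.device_id for d in discovered if d.device_id not in registered]

def risk_score(d):
    """Heuristic (assumption): CVSS weighted up for PHI exposure and flat-network reach."""
    score = d.max_cvss
    if d.touches_phi:
        score *= 1.5
    if d.network_zone == "flat":
        score *= 1.3
    return round(score, 1)

def remediation_plan(discovered, registered):
    """Return (device_id, score, action) tuples, highest risk first."""
    shadow = set(find_shadow_devices(discovered, registered))
    plan = []
    for d in discovered:
        if d.device_id in shadow:
            action = "register and assess before any other action"
        elif d.vendor_supported:
            action = "patch"
        else:
            # No vendor patch exists: fall back to a compensating control.
            action = "compensating control: isolate in a segmented zone"
        plan.append((d.device_id, risk_score(d), action))
    return sorted(plan, key=lambda entry: entry[1], reverse=True)

if __name__ == "__main__":
    for device_id, score, action in remediation_plan(DISCOVERED, REGISTERED):
        print(f"{device_id:10} {score:5}  {action}")
```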
3. Weak Identity and Access Controls
Without a least-privilege approach, a single compromised user account can give an attacker broad access to sensitive systems and data. This applies to both digital access and physical access to devices. Many IoMT devices lack robust authentication mechanisms, making them susceptible to unauthorized access. Implementing strong Identity Management and Access Control policies, including multi-factor authentication (MFA) and role-based access, ensures that users and devices only have access to the resources they absolutely need.
4. Unsecured Data and Networks
The failure to encrypt PHI—both at rest on devices and in transit across the network—makes it vulnerable to interception and exfiltration. Many cyberattacks on healthcare organizations succeed not just because a device was compromised, but because attackers could then move laterally across an open, flat network. A robust Data Security program that includes encryption and data loss prevention is vital. Furthermore, implementing strong Network Security through micro-segmentation can isolate critical IoMT devices, containing a potential breach to a small part of the network.
A Proactive, Layered Strategy for Securing IoMT
A reactive security posture is no longer viable. For this reason, HDOs must adopt a multi-layered strategy that aligns with established frameworks like the NIST Cybersecurity Framework (CSF), which outlines five core functions: Identify, Protect, Detect, Respond, and Recover. Building a resilient security posture is not about a single tool but an integrated strategy that addresses each of these areas.
First, Identify all assets and risks within the environment. This goes beyond device discovery to include a thorough Risk Assessment and Management process to understand where the most significant threats lie. Once you know what you have and what the risks are, you can move to the Protect function. This involves implementing safeguards like access control, network segmentation, and data encryption to defend against potential attacks.
The Detect function rests on Continuous Monitoring and Logging together with Threat Detection. Since no defense is perfect, HDOs must have mechanisms in place to spot, in real time, anomalous activity that could indicate a breach. When a threat is detected, a well-documented Incident Response plan is critical: it ensures that the security team can act quickly to contain the threat and minimize damage.
Finally, the Recover function focuses on resilience. This involves having robust Backup and Recovery systems in place so that, in the event of a destructive attack like the one at Lurie Children’s Hospital, the organization can restore operations and data efficiently.
Strengthening the Human Layer: Culture and Training
Technology alone is not enough. The human element remains a critical component of any successful program for securing IoMT. Social engineering and human error are significant threat vectors in healthcare. Fostering a security-first mindset across the organization is a powerful defense.
This begins with effective Awareness and Training programs. Regular training sessions should educate all staff, from clinicians to administrators, on identifying modern threats like phishing and practicing good cyber hygiene. In addition, and crucially, security must be integrated into the procurement process. To this end, and as recommended by NIST, HDOs should evaluate the security features of medical devices before purchasing them to avoid introducing new risks.
Conclusion: Building Resilience in an Era of Connected Health
The challenges of securing IoMT are significant, but they are not insurmountable. As attacks on healthcare organizations grow in frequency and sophistication, a passive or reactive approach guarantees failure. The potential for disruption to patient care and the exposure of sensitive data require a proactive and adaptive security posture.
Therefore, by implementing a multi-layered strategy grounded in the NIST Cybersecurity Framework, HDOs can build a more resilient defense. Specifically, this starts with complete visibility into all connected assets and extends to robust technical controls, continuous monitoring, and well-rehearsed response plans. Furthermore, and just as importantly, it involves cultivating a strong security culture where every employee is an active participant in defending the organization. In the end, protecting patient data is synonymous with protecting patient safety.