Securing the Digital Ward: Navigating IoMT Threats and Safeguarding Healthcare in a Connected World

Today, hospitals and healthcare facilities are increasingly connected, ushering in the era of the Internet of Medical Things (IoMT). While these integrated devices promise to revolutionize patient care, they simultaneously introduce a complex web of cybersecurity challenges. This article delves into the escalating cyber threats confronting hospitals and explores strategic solutions, drawing insights from an exclusive interview with Shankar Somasundaram, CEO of Asimily.

Across the globe, hospitals are embracing connected devices with open arms, aiming to boost efficiency and elevate the quality of care. Devices that diligently monitor patients’ vital signs can instantly alert medical staff to critical changes, while thermal cameras or radar systems can swiftly detect and address patient falls.

“There’s a particularly broad range of network-connected devices in healthcare facilities, and deployments continue accelerating,” Somasundaram explained. “On the patient-facing side, you have infusion pumps, patient monitoring systems, ventilators, and imaging systems like MRI machines and ultrasound devices. But beyond these clinical devices, hospitals also run connected security cameras, badge readers, HVAC controls, etc. The average hospital has around 30 connected devices per patient bed, so you’re looking at thousands of IoT, OT, and IoMT systems converging on a single network.”

Security Risks and Devastating Consequences

While the benefits of IoMT devices are undeniable, they also present a tempting target for malicious actors, who can exploit them as vectors for various types of attacks, most notably ransomware.

“Ransomware remains one of the biggest threats to hospital systems right now. Attackers understand this industry faces enormous pressure to restore operations quickly because downtime directly affects patient outcomes, which makes them more likely to pay. While phishing campaigns targeting hospital staff remain a common initial access vector, connected medical devices or IoT or OT devices increasingly serve as an entry point. Many such IoMT/IoT/OT devices run legacy operating systems that cannot accept patches and were never designed with security as a primary consideration,” Somasundaram stated. “DDoS attacks targeting hospital networks also occur, though typically with less frequency than ransomware.”

The repercussions of such attacks, according to Somasundaram, can be profoundly severe.

“According to the Ponemon Institute, the average cost of recovering from a cyberattack in healthcare is now US$4.4 million when direct costs and lost revenue are both factored in,” Somasundaram revealed.

However, financial impact is merely one facet of the crisis. “When hospital systems go down, clinical staff are forced to revert to paper-based workflows, which slows care delivery at exactly the moments when speed matters most,” Somasundaram added. “Then there’s the regulatory dimension. Hospitals face significant obligations under HIPAA, and a breach that exposes patient data can result in substantial fines and mandatory audits on top of the recovery costs.”

Navigating the Minefield: Challenges for Hospital Operators

Given the gravity of these cyber threats, effective mitigation is paramount. Yet, hospital security teams often grapple with significant hurdles. A primary challenge is visibility. In fact, Asimily’s own survey indicates that 43 percent of hospital Chief Information Security Officers (CISOs) identify a lack of complete device visibility as their top priority to resolve.

“Within most hospitals… procurement and facilities teams own procurement and deployment of IoT and OT devices. Security teams frequently find out after the fact that a new device has been added to the network. There’s often no standard process requiring a handoff of device information at the time of deployment, and that’s increasingly risky,” Somasundaram cautioned.

He elaborated: “The visibility problem gets deeper when you factor in third-party technicians, which almost all healthcare systems use. Biomedical or clinical engineering vendors or service technicians regularly come on-site to service or update devices, and they don’t always communicate configuration changes back to the security team.”

Another significant obstacle is data overload. Asimily’s survey highlights that 20 percent of CISOs cite data overload as the biggest barrier to effective device risk management.

“When you have hundreds of thousands of connected devices generating network traffic simultaneously, the volume of signals flowing into a security dashboard becomes unmanageable without intelligent filtering,” Somasundaram explained, advocating for solutions that filter out raw alerts and ingest only actionable signals.

“Raw alerts are the unfiltered output of that activity. They come in high volume with low context, and they require a security analyst to manually determine whether something warrants investigation. Actionable signals are what you get when you layer in device context, network topology, and behavioral baselines. So instead of just seeing a generic alert about unusual traffic, a security team sees that a specific infusion pump or IP camera on a specific floor has initiated communication with an external IP that doesn’t match any known vendor or update server, and that the device in question has a known vulnerability aligning with a recently published exploit. Knowing that detail, you act immediately,” he detailed.
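The distinction drawn above between raw alerts and actionable signals can be sketched as an enrichment step. The following is an added example, not code from Asimily or from the interview. The inventory, addresses, vulnerability flag and priority labels are constructed assumptions, and behavioral baselines are not modeled.

```python
import ipaddress
from dataclasses import dataclass, field

# Assumption: the hospital's internal address space (constructed).
INTERNAL = ipaddress.ip_network("10.0.0.0/8")

@dataclass
class Device:
    kind: str
    location: str
    vendor_endpoints: set = field(default_factory=set)  # known vendor/update servers
    exploitable_vuln: bool = False  # hypothetical flag from a vulnerability feed

# Constructed inventory keyed by device IP.
INVENTORY = {
    "10.20.3.15": Device("infusion pump", "Floor 3", {"198.51.100.10"}, True),
    "10.20.5.40": Device("IP camera", "Floor 5", {"198.51.100.20"}),
}

# Constructed flow records: (source IP, destination IP), documentation ranges.
FLOWS = [
    ("10.20.3.15", "10.20.0.5"),      # internal traffic
    ("10.20.3.15", "198.51.100.10"),  # pump to its vendor update server
    ("10.20.3.15", "203.0.113.77"),   # pump to an unknown external host
    ("10.20.5.40", "203.0.113.77"),   # camera to an unknown external host
    ("10.20.9.99", "203.0.113.77"),   # source missing from the inventory
]

def is_external(ip):
    return ipaddress.ip_address(ip) not in INTERNAL

def raw_alerts(flows):
    """Context-free view: every outbound flow is an alert."""
    return [f for f in flows if is_external(f[1])]

def actionable_signals(flows, inventory):
    """Enrich outbound flows with device context and rank them."""
    signals = []
    for src, dst in flows:
        if not is_external(dst):
            continue
        dev = inventory.get(src)
        if dev is None:  # visibility gap: device was never handed to security
            signals.append(("high", src, dst, "unknown device: not in inventory"))
        elif dst not in dev.vendor_endpoints:
            prio = "critical" if dev.exploitable_vuln else "high"
            why = f"{dev.kind}, {dev.location}: destination not a known vendor/update server"
            signals.append((prio, src, dst, why))
    # Stable sort puts "critical" entries first (False sorts before True).
    return sorted(signals, key=lambda s: s[0] != "critical")
```

On the constructed flows, the raw view flags four outbound connections, while the enriched view drops the pump's legitimate vendor update and ranks the vulnerable pump's unexplained connection first.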

Somasundaram also underscored the critical importance of network segmentation – a robust defensive measure against cyberattacks. “When devices are properly segmented, a compromised infusion pump on one floor cannot communicate with an administrative workstation or an EHR system on another, or an IP camera or HVAC system cannot be used to reach a server containing patient data. That shrinks the blast radius of an attack considerably,” Somasundaram emphasized.

Asimily’s Comprehensive Solution for IoMT Security

This is precisely where Asimily’s innovative solution steps in. As a cyber asset and exposure management platform, Asimily offers intelligent filtering, streamlines network segmentation, and provides security teams with a unified, comprehensive view of every connected device deployed within an IoMT environment.

“The platform discovers and inventories every device using network monitoring, protocol-based analysis, deep packet inspection, AI and ML-based traffic analysis, APIs and protocol-based querying. Security teams get a complete, continuously updated picture of what’s on their network without having to rely on manual intake processes or departmental handoffs,” Somasundaram explained.

“Our platform also tackles network segmentation and micro-segmentation directly, generating segmentation recommendations based on actual observed device behavior,” he continued. “Asimily also integrates threat detection and response capabilities, empowering teams with anomalous behavior monitoring and device rules that can capture potential threats. With this functionality, Asimily ensures that teams have network context and understand normal device behavior, so their limited time is spent effectively.”
