* [Blog](https://www2.paloaltonetworks.com/blog)
* [Network Security](https://www2.paloaltonetworks.com/blog/network-security/)
* [IoT Security](https://www2.paloaltonetworks.com/blog/network-security/category/iot-security/)
* Post-COVID Healthcare Ref...

# Post-COVID Healthcare Reform Hinges Upon Robust IoMT Security

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fnetwork-security%2Fhealthcare-transformation-and-secure-iomt%2F)  
[](https://twitter.com/share?text=Post-COVID+Healthcare+Reform+Hinges+Upon+Robust+IoMT+Security&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fnetwork-security%2Fhealthcare-transformation-and-secure-iomt%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fnetwork-security%2Fhealthcare-transformation-and-secure-iomt%2F&title=Post-COVID+Healthcare+Reform+Hinges+Upon+Robust+IoMT+Security&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www2.paloaltonetworks.com/blog/network-security/healthcare-transformation-and-secure-iomt/&ts=markdown)  
\[\](mailto:?subject=Post-COVID Healthcare Reform Hinges Upon Robust IoMT Security)  
Link copied  
By [Qiang Huang](https://www.paloaltonetworks.com/blog/author/qiang-huang/?ts=markdown "Posts by Qiang Huang")  
Jan 20, 2021  
5 minutes  
[IoT Security](https://www.paloaltonetworks.com/blog/network-security/category/iot-security/?ts=markdown)  
[healthcare](https://www.paloaltonetworks.com/blog/tag/healthcare-2/?ts=markdown)  
[IOT security](https://www.paloaltonetworks.com/blog/tag/iot-security/?ts=markdown)

The healthcare sector was on a steady track [towards digitization](https://iotbusinessnews.com/2013/01/15/55297-berg-insight-says-2-8-million-patients-are-remotely-monitored-today/) and with the massive blow from the COVID-19 crisis it is all but leading the charge. Remote monitoring and other connected medical devices have made it possible for healthcare providers to exceed capacity limits, as the rest of the world realizes the crucial role they play in aiding response staff in enabling "smart" monitoring, timely care, and saving lives. But what happens after the pandemic and what does this mean for security?

The many on-hold non-essential and routine patient care services, like surgeries, will be rescheduled with urgency. This will continue the surge in Healthcare Delivery Organizations (HDOs) to heavily rely upon IoMT devices that support use cases such as remote device management and remote patient monitoring.

In 2020 alone, 40% of manufactured IoMT devices connected to healthcare networks, a jump from 20% in 2018, according to verbal customer validation by one of our customers. In fact, the Food and Drug Administration (FDA) approved 54 new medical devices last year like implantable nerve systems and automated external defibrillators (AEDs)[^1^](https://www.fda.gov/medical-devices/recently-approved-devices/2020-device-approvals). Beyond the four walls of a healthcare delivery organization (HDO), Gartner's IoT Healthcare 2021 Forecast Data is expecting 21% CAGR for healthcare device growth to 873 million in 2025.
![Examples of IoMT-Led Transformation in Healthcare](https://www.paloaltonetworks.com/blog/wp-content/uploads/2021/01/word-image-16.png)
Figure 1: Examples of IoMT-led Transformation in Healthcare

## **Security is the Fundamental Enabler of IoMT**

With all this being said, one of the main drawbacks of IoT in healthcare is the lack of security by design, leaving the serious responsibility of protecting medical devices solely in the hands of HDO security teams.

The proliferation of unmanaged and unaccounted IoMT devices, their disparate nature, lack of security by design, dependence on unsupported operating systems, along with network and internet connectivity considerably widens the attack surface. Recent advisories, [like this one on a TrickBot ransomware campaign](https://us-cert.cisa.gov/ncas/alerts/aa20-302a), identify healthcare as a prime target for attackers, heightening the concern around IoMT. In 2020, [Palo Alto Networks Unit 42](https://unit42.paloaltonetworks.com/) analyzed 1.2 million IoT devices located across enterprises and healthcare organizations, bringing to light some stunning facts and helpful tips on protection these devices:

* **72% of healthcare VLANs mix IT and IoT (or IoMT) devices**
  * Mixing IT and IoT devices on the same network allows malware to spread from users' computers to vulnerable IoT devices, or vice-versa, making it easy for actors to move laterally.
  * A best practice for segmenting your HDO's network is to base it on medical device type, threat levels, usage patterns, and other device profile characteristics using VLAN configurations or NGFW policies, and paying extra attention to north-south communications.
* **41% of attacks exploit vulnerabilities in IoT devices**
  * Sophisticated IT-borne attacks scan for medical devices to exploit known weaknesses and gain access to unencrypted patient identities on IoMT, or other corporate data, and sometimes for monetary profit via ransomware.
  * The gap between IoMT, OT, and IT security best practices enables attacks that IT has otherwise been immune to. In parallel to basing segmentation on identity, network teams can further segment IoT devices by security level---for instance, by separating those running on end-of-life OS from those with up-to-date security patches.
* **Io(M)T devices are vulnerable themselves with 57% vulnerable to medium to high severity alerts**
  * Due to the generally low patch level of IoMT assets, the most frequent attacks are exploits via long-known vulnerabilities and password attacks using default device passwords.
  * A best practice for reducing alerts is to set a baseline for normal trusted device behaviors and closely monitor them for any anomalous and deviant behaviors. Additionally, implementing processes to modify default vendor credentials on device deployment and monitoring for out of band network, IP or port scans, can also aid in reduction of attack surface.
* **83% of imaging devices with old unsupported OS, a 56% jump from 2018**
  * IoMT devices with unpatched vulnerabilities put every HDO's security and privacy at heightened risk.
  * With so many IoMT devices running on end-of-life operating systems (OS), healthcare organizations can deploy active monitoring, inline anti-malware or antivirus tuned for IoT, identify vulnerabilities potentially through an intrusion prevention system (IPS) with custom signature rules for threat detection, or use behavioral analysis technology to identify out of band activity.

Diving deeper, any exploited vulnerability in IoMT enables cybercriminals to take a number of malicious actions that include seizing control of the medical device, stealing sensitive patient health, personal, and insurance information (ePHI), stealing proprietary clinical records, obfuscating network traffic, disrupting healthcare delivery processes, ransoming the device to turn a profit, or just plain lateral movement into the IT network.

As damaging as these cyber activities can be, they're the tip of the iceberg. Cybersecurity incidents aren't going anywhere and are bound to get more egregious as the world continues to grapple with the COVID-19 crisis and its aftermath. Healthcare organizations are in urgent need to proactively tackle IoMT security challenges head on.

The most basic step in securing IoMT begins with obtaining trusted visibility and classification of all IoMT devices across hospital networks, data centers, endpoints, remote clinics, and mobile assets. By doing this, healthcare IT teams will be empowered to take a proactive "prevention-first" approach instead of an "alert-only" reactive approach to keeping medical devices safe from potential threats.

At Palo Alto Networks, we are on a mission to relieve healthcare CISOs from the necessary burden of putting a robust medical device security strategy in place, freeing their organizations to focus on bringing about positive patient outcomes.

For more information and IoT security best practices your organization can deploy, read the full [2020 Unit 42 IoT Threat Report](https://start.paloaltonetworks.com/unit-42-iot-threat-report).

*** ** * ** ***

## Related Blogs

### [IoT Security](https://www.paloaltonetworks.com/blog/network-security/category/iot-security/?ts=markdown)

[#### Palo Alto Networks Enables Comprehensive IoT Security for Healthcare Delivery Organizations](https://www2.paloaltonetworks.com/blog/network-security/palo_alto_networks-_iot_security_for_healthcare_delivery_organizations/)

### [IoT Security](https://www.paloaltonetworks.com/blog/network-security/category/iot-security/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### From Risk to Resilience: OT Security Lessons from Industry Experts](https://www2.paloaltonetworks.com/blog/network-security/from-risk-to-resilience-ot-security-lessons-industry-experts/)

### [Data Security](https://www.paloaltonetworks.com/blog/network-security/category/data-security/?ts=markdown), [IoT Security](https://www.paloaltonetworks.com/blog/network-security/category/iot-security/?ts=markdown), [Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown)

[#### The Medical IoT Security To Depend on When Lives Depend on You](https://www2.paloaltonetworks.com/blog/2022/12/medical-iot-security-to-depend-on/)

### [IoT Security](https://www.paloaltonetworks.com/blog/network-security/category/iot-security/?ts=markdown), [Points of View](https://www.paloaltonetworks.com/blog/category/points-of-view/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown)

[#### Securing and Managing IoT and IoMT Devices in Healthcare](https://www2.paloaltonetworks.com/blog/2022/03/iot-iomt-devices-healthcare/)

### [Healthcare](https://www.paloaltonetworks.com/blog/category/healthcare/?ts=markdown), [IoT](https://www.paloaltonetworks.com/blog/category/iot/?ts=markdown), [IoT Security](https://www.paloaltonetworks.com/blog/network-security/category/iot-security/?ts=markdown)

[#### MDS2: A Treasure Trove for Internet of Medical Things (IoMT) Security](https://www2.paloaltonetworks.com/blog/network-security/treasure-trove-for-iomt-device-security/)

### [IoT Security](https://www.paloaltonetworks.com/blog/network-security/category/iot-security/?ts=markdown), [Next-Generation Firewalls](https://www.paloaltonetworks.com/blog/network-security/category/next-generation-firewalls/?ts=markdown), [Uncategorized](https://www.paloaltonetworks.com/blog/category/uncategorized/?ts=markdown), [Zero Trust Security](https://www.paloaltonetworks.com/blog/network-security/category/zero-trust-security/?ts=markdown)

[#### Zero Trust for Infrastructure: A Key Step in Addressing IoT Security Risks](https://www2.paloaltonetworks.com/blog/network-security/zero-trust-iot-security-risks/)

### Subscribe to Network Security Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language