First Health Advisory's 2022 IoMT Cybersecurity Survey of HTM Teams

Question Title

* 1. Choose all the options that describe your healthcare delivery organization:

Publicly Owned

Nonprofit

For-Profit

Critical Access

Specialty Clinic

Part of a Health System

Academic Medical Cetner

Other (please specify)

Question Title

* 2. What is the bed count of your organization?

500+

350 – 500

200 – 349

101 – 199

less than 100

less than 10

Question Title

* 3. If part of a health system, how many hospitals belong to the system?

N/A

1-3

4-6

7-10

10+

Unsure

Question Title

* 4. What are your current medical device cybersecurity concerns?
Check all that apply.

Medical equipment getting hacked, leading to patient harm and the equipment being put out of action.

Determining whether the IT Team has IoMT cybersecurity covered.

Desiring to secure IoMT but not knowing where to start.

Implementing a process to onboard devices with the right security settings.

Determining which IoMT have operating systems that are no longer supported or near end of support.

Other (please specify)

Question Title

* 5. Please rank your security priorities in order of importance for your organization:
1 = Most Important

Question Title

* 6. In your current state, how often do IoMT devices enter service with the proper settings to adequately mitigate cyber risk?

Question Title

* 7. In your current state, how easy is it for you to find medical device attributes (e.g.: firmware) when a vulnerability arises?

Question Title

* 8. Select all that describe your current IoMT cybersecurity practices:

*Definition: IoMT Security Application (ISA) - For purposes of this survey, IoMT Security Application (ISA) is defined as an IoMT cybersecurity application that provides, among other benefits, visibility into IoMT devices on your network (e.g., Medigate, Ordr, Palo Alto)

	Yes	No	Always	Sometimes	Never	Initiative for 2022
We have a single CMMS	We have a single CMMS Yes	We have a single CMMS No	We have a single CMMS Always	We have a single CMMS Sometimes	We have a single CMMS Never	We have a single CMMS Initiative for 2022
We have an onboarding process to set up devices with the right settings	We have an onboarding process to set up devices with the right settings Yes	We have an onboarding process to set up devices with the right settings No	We have an onboarding process to set up devices with the right settings Always	We have an onboarding process to set up devices with the right settings Sometimes	We have an onboarding process to set up devices with the right settings Never	We have an onboarding process to set up devices with the right settings Initiative for 2022
We have an ISA*	We have an ISA* Yes	We have an ISA* No	We have an ISA* Always	We have an ISA* Sometimes	We have an ISA* Never	We have an ISA* Initiative for 2022
We have an ISA* to monitor connected devices	We have an ISA* to monitor connected devices Yes	We have an ISA* to monitor connected devices No	We have an ISA* to monitor connected devices Always	We have an ISA* to monitor connected devices Sometimes	We have an ISA* to monitor connected devices Never	We have an ISA* to monitor connected devices Initiative for 2022
We have a process to ensure IoMT device vulnerabilities are addressed prior to the device connecting to the network or being onboarded.	We have a process to ensure IoMT device vulnerabilities are addressed prior to the device connecting to the network or being onboarded. Yes	We have a process to ensure IoMT device vulnerabilities are addressed prior to the device connecting to the network or being onboarded. No	We have a process to ensure IoMT device vulnerabilities are addressed prior to the device connecting to the network or being onboarded. Always	We have a process to ensure IoMT device vulnerabilities are addressed prior to the device connecting to the network or being onboarded. Sometimes	We have a process to ensure IoMT device vulnerabilities are addressed prior to the device connecting to the network or being onboarded. Never	We have a process to ensure IoMT device vulnerabilities are addressed prior to the device connecting to the network or being onboarded. Initiative for 2022
Our CMMS is integrated with our ISA*	Our CMMS is integrated with our ISA* Yes	Our CMMS is integrated with our ISA* No	Our CMMS is integrated with our ISA* Always	Our CMMS is integrated with our ISA* Sometimes	Our CMMS is integrated with our ISA* Never	Our CMMS is integrated with our ISA* Initiative for 2022
Our CMMS, plus our ISA* is integrated with our work order management system so we can dispatch and track technicians with the instructions to correct a device affected by a vulnerability	Our CMMS, plus our ISA* is integrated with our work order management system so we can dispatch and track technicians with the instructions to correct a device affected by a vulnerability Yes	Our CMMS, plus our ISA* is integrated with our work order management system so we can dispatch and track technicians with the instructions to correct a device affected by a vulnerability No	Our CMMS, plus our ISA* is integrated with our work order management system so we can dispatch and track technicians with the instructions to correct a device affected by a vulnerability Always	Our CMMS, plus our ISA* is integrated with our work order management system so we can dispatch and track technicians with the instructions to correct a device affected by a vulnerability Sometimes	Our CMMS, plus our ISA* is integrated with our work order management system so we can dispatch and track technicians with the instructions to correct a device affected by a vulnerability Never	Our CMMS, plus our ISA* is integrated with our work order management system so we can dispatch and track technicians with the instructions to correct a device affected by a vulnerability Initiative for 2022

Question Title

* 9. Select the most accurate response as it pertains to your budget for IoMT cybersecurity:

	Yes	No	N/A
IT controls the budget for IoMT cybersecurity.	IT controls the budget for IoMT cybersecurity. Yes	IT controls the budget for IoMT cybersecurity. No	IT controls the budget for IoMT cybersecurity. N/A
HTM controls the budget for IoMT cybersecurity.	HTM controls the budget for IoMT cybersecurity. Yes	HTM controls the budget for IoMT cybersecurity. No	HTM controls the budget for IoMT cybersecurity. N/A
IT's budget for IoMT cybersecurity is adequate.	IT's budget for IoMT cybersecurity is adequate. Yes	IT's budget for IoMT cybersecurity is adequate. No	IT's budget for IoMT cybersecurity is adequate. N/A
HTM's budget for IoMT cybersecurity is adequate.	HTM's budget for IoMT cybersecurity is adequate. Yes	HTM's budget for IoMT cybersecurity is adequate. No	HTM's budget for IoMT cybersecurity is adequate. N/A
IT controls the budget for CMMS	IT controls the budget for CMMS Yes	IT controls the budget for CMMS No	IT controls the budget for CMMS N/A
HTM controls the budget for CMMS	HTM controls the budget for CMMS Yes	HTM controls the budget for CMMS No	HTM controls the budget for CMMS N/A

Question Title

* 10. The 2022 budget for IoMT Security Application (ISA) is:

*Definition: IoMT Security Application (ISA) - For purposes of this survey, IoMT Security Application (ISA) is defined as an IoMT cybersecurity application that provides, among other benefits, visibility into IoMT devices on your network (e.g., Medigate, Ordr, Palo Alto)

up to $50,000

$50,000 - $100,000

$100,000 - $250,000

$250,000 - $500,000

+ $500,000

Other (please specify)

First Health Advisory's 2022 IoMT Cybersecurity Survey of HTM Teams

IoMT Cybersecurity Survey of HTM Teams

Question Title

* 1. Choose all the options that describe your healthcare delivery organization:

Question Title

* 2. What is the bed count of your organization?

Question Title

* 3. If part of a health system, how many hospitals belong to the system?

Question Title

* 4. What are your current medical device cybersecurity concerns?
Check all that apply.

Question Title

* 5. Please rank your security priorities in order of importance for your organization:
1 = Most Important

Question Title

* 6. In your current state, how often do IoMT devices enter service with the proper settings to adequately mitigate cyber risk?

Question Title

* 7. In your current state, how easy is it for you to find medical device attributes (e.g.: firmware) when a vulnerability arises?

Question Title

Question Title

* 9. Select the most accurate response as it pertains to your budget for IoMT cybersecurity:

Question Title

Question Title

* 11. Title or Role

Question Title

* 12. Contact Information (optional)

First Health Advisory's 2022 IoMT Cybersecurity Survey of HTM Teams

IoMT Cybersecurity Survey of HTM Teams

Question Title

* 1. Choose all the options that describe your healthcare delivery organization:

Question Title

* 2. What is the bed count of your organization?

Question Title

* 3. If part of a health system, how many hospitals belong to the system?

Question Title

* 4. What are your current medical device cybersecurity concerns? Check all that apply.

Question Title

* 5. Please rank your security priorities in order of importance for your organization:1 = Most Important

Question Title

* 6. In your current state, how often do IoMT devices enter service with the proper settings to adequately mitigate cyber risk?

Question Title

* 7. In your current state, how easy is it for you to find medical device attributes (e.g.: firmware) when a vulnerability arises?

Question Title

Question Title

* 9. Select the most accurate response as it pertains to your budget for IoMT cybersecurity:

Question Title

Question Title

* 11. Title or Role

Question Title

* 12. Contact Information (optional)

* 4. What are your current medical device cybersecurity concerns?
Check all that apply.

* 5. Please rank your security priorities in order of importance for your organization:
1 = Most Important