Healthcare organizations are struggling with how to protect the many older medical devices still in use against mounting cybersecurity threats, reports MedTech Dive.

Legacy medical devices in current use by healthcare organizations were designed and manufactured long before the medtech industry was thinking critically about cybersecurity features. Many older medical devices in operation today — using outdated or insecure software, hardware and protocols — were not built with cyber protections in mind leaving healthcare organizations vulnerable to attack and putting the reputation and financial stability of device companies at risk.

“But you’re not going to find a hospital who is very quick to replace a $1.5 million MRI or CT because the operating system is outdated,” Schlessinger said. Instead, he recommends healthcare organizations employ best practices to manage security risks including isolating connected medical devices as much as possible from hospital networks.

At the same time, Schlessinger acknowledges that disconnecting devices from hospital networks is often not practical, as doing so could disrupt clinical workflow critical to patient care.

Read more from MedTech Dive.