Securing Your Healthcare Facility’s Building Automation System: The Critical Role of Network Visibility

Many Building Automation Systems were installed years ago and lack security protocols that are common in modern systems.

Integrate your Building Automation System and controls into your overall cybersecurity plan.  

Building Automation Systems are Responsible for Critical Elements of Patient Care  

In the healthcare industry, building automation systems are becoming increasingly common as facilities look to optimize energy usage, improve patient care, and streamline operations. Because building automation systems control critical environmental factors such as temperature, humidity, and air quality they directly affect patient health and comfort. Properly regulating these factors can help reduce the risk of infections, improve patient outcomes, and promote faster healing. These systems also play a crucial role in managing facility security, lighting, and other critical infrastructure, further enhancing patient safety and overall care.

Despite Their Importance, Building Automation Systems are Often Unsecured or Under-Secured, Making them Vulnerable to Attack

Building Automation Systems are becoming an increasingly attractive target for cybercriminals looking to gain unauthorized access to sensitive patient data or disrupt critical hospital functions. Many of these systems were designed and installed before cybersecurity was a significant concern and may have vulnerabilities that can be exploited. Building automation systems often rely on open protocols and standard technology, making them easier targets for attackers who are familiar with these systems. A breach at a hospital can be a severe threat to patient safety and privacy. One example of a breach at a hospital occurred in 2017 when a hacker, as part of a larger attack, gained unauthorized access to a building automation system at a medical center in the United States. The hacker was able to access the hospital’s building controls and manipulate the environmental conditions in patient care areas, including the temperature and humidity levels. As a result of the breach, several surgeries had to be canceled or rescheduled due to the affected conditions in the operating rooms.  The hospital had to shut down its entire network to isolate the breach and implement new security measures, leading to significant disruptions in patient care and facility operations.  In 2021, a large children’s hospital became aware of network breach that originated with a third-party HVAC vendor (HVAC Vendor Allegedly Hacked).  While the hacker claimed to not want to harm the hospital, this underscores the risk that Building Automation Systems pose to healthcare customers. The Cybersecurity and Infrastructure Security Agency, CISA, released an ICS advisory related to HVAC System Control vulnerabilities (HVAC Systems Controls | CISA)

You Need Network Visibility

It is essential to ensure that your building automation systems are secure, with network visibility being a key component of any comprehensive security strategy. Network visibility refers to the ability to see, monitor, and analyze all network traffic, giving you an overview of all devices on your network and their behavior, including medical equipment, HVAC systems, and other critical infrastructure. A strong network visibility architecture allows you to capture all network data and intelligently route the right data to the right monitoring tool, allowing organizations to quickly identify anomalies, investigate potential threats, and take action to prevent data breaches or system disruption.

Beyond Network Visibility

Implementing security measures such as network segmentation, regular vulnerability assessments, and breach attack simulations can also help prevent building automation system breaches and protect patient safety and privacy. Network visibility provides critical information about network traffic and connected devices, allowing for effective network segmentation to protect against potential security breaches. By segmenting the network, security controls can be implemented to limit access to critical systems and data. Additionally, network visibility allows for vulnerability assessments to be conducted regularly, identifying potential security weaknesses that can be addressed before they can be exploited by attackers.

What You Should Do Next

First, you should immediately work to replace all default or weak passwords, turning off any unnecessary services within the controller, and locking down network access to the controller level wherever possible. Additionally, it is important to incorporate network visibility as part of the checklist to monitor and detect any potential threats to your systems. Finally, remote connectivity should be secured with a Virtual Private Network (VPN) or similar technology to mitigate the risk of cyber-attacks. By following these guidelines, you can ensure the safety and security of your building management systems and protect them from potential vulnerabilities. Next, download and read the below guide on how to create a successful visibility architecture.

And to learn even more about how Keysight can help secure Healthcare organizations, contact



Related Solutions