Protect the Internet of Medical Things (IoMT): Medical Device Security
Oct 13, 2025 - Nov 9, 2025
1.5 CEUs
Full course description
COURSE DESCRIPTION
This course provides you with an in-depth exploration of healthcare cyber risk management, specifically focusing on protecting medical devices and ensuring seamless hospital operations. You will gain a 360-degree perspective on hospital cybersecurity, examining the viewpoints of healthcare providers, cybersecurity leaders, security tool vendors, medical device manufacturers, and FDA regulations.
The curriculum will help you understand the rapid growth of the Internet of Medical Things (IoMT) and medical devices within the healthcare industry. You will explore the associated risks, including operational impacts and patient safety concerns, when these devices are not correctly patched, isolated, configured, and managed. The course will provide you with the opportunity to delve into the evolving landscape of cybersecurity tools to help healthcare leaders manage risks arising from unpatched legacy devices and IoT/OT environments.
You will study developing methodologies to improve visibility into healthcare organizations’ asset attack surfaces, prioritizing vulnerabilities for patching, identifying gaps in security controls, and enhancing regulatory compliance. Demonstrations of current medical device security detection technologies will allow you to work on selecting AI-driven asset intelligence platforms in your organization.
LEARNING OUTCOMES
Master knowledge and practical applications to protect the IoMT and other connected medical devices.
Analyze common vulnerabilities, address incidents, and implement remediation strategies to reduce exposure in healthcare environments.
Describe the role of medical device manufacturers and your responsibility as a medical device procurer.
Recognize future trends and emerging threats in healthcare cybersecurity as they pertain to the IoMT/OT.
Identify existing and emerging of FDA compliance and regulatory standards for medical devices.
WHO SHOULD ENROLL
This program is designed for experienced U.S. healthcare professionals from a variety of healthcare or healthcare-related settings who want to enhance their careers, including:
- Clinical professionals,
- Healthcare administrators,
- Information Technology professionals, including Cybersecurity,
- Emergency preparedness professionals,
- Risk managers, and
- Other healthcare professionals.
This program is not designed for those looking to enter the healthcare field. Learners should have at least two years of U.S. healthcare-related experience and a college degree, or five years of U.S. healthcare-related experience without a college degree.
REGISTRATION PROCESS
Step 1 – Check your eligibility. Submit a Registration Approval Request to confirm eligibility for the program at least two weeks prior to the course start date.
Step 2 – Register and submit payment. After you receive notification via email that you have been approved to register, you must complete and return a Registration Form and payment at least two weeks prior to the course start date.
ADDITIONAL INFORMATION
This course is delivered primarily via asynchronous instruction, meaning that learners can work at their own pace. During the fourth week of the course, there will be a live, online session with the course instructor.
Textbook Information
Upon enrollment confirmation, learners will be mailed a complimentary copy of Enterprise Risk Management as a Value Creator textbook by Mr. Bob Chaput.
Digital Badge
Upon successful completion of this four-week microcredential course, you will be awarded a competency-based digital badge demonstrating specific knowledge and skills related to the course topic.
If you are pursuing the badge for the Leadership in Healthcare Cyber Risk Management program, you have two years to complete all six courses from the start date of your first class, though most students typically finish the certificate within 6 to 12 months.
Questions? Send them to your enrollment advisor.
MEET THE INSTRUCTORS
This course is co-taught by Carter Groome, Olin Dillard and Toby Gouker.
Olin Dillard, CISM, HCISPP, CHTM, CBET, brings over 20 years of experience in health IT, with deep expertise in Healthcare Technology Management (HTM) and Clinical Engineering. He specializes in IoMT/OT/IoXT security, security frameworks, governance, patient safety, and regulatory compliance.
As Executive Vice President of Commercial Health at First Health Advisory, Dillard leads the Clinical and Operational Security and Technology Practice, driving strategic initiatives to enhance security and safety across healthcare environments. Prior to joining First Health Advisory, Dillard served as Healthcare Technology Manager (HTM) at Baylor Scott & White Health in North Texas. He previously spent 18 years at Children's Health System of Texas, where he held progressive roles in HTM, including Manager of HTM for both Children’s Health Dallas and Plano hospitals.
Dillard holds a Bachelor of Applied Science in Applied Technology and Performance Improvement from the University of North Texas. He is certified in CISM, CHTM, CBET, and Security+.
As the former Provost for the SANS Technology Institute, Dr. Toby Gouker, Ph.D., CHISL, GSLC, CISM, CPEM, brings a wide breadth of privacy and security expertise to First Health Advisory’s cyber health practice. Coupled with years of experience in the federal healthcare IT industry, his expertise sits at the nexus of cybersecurity, health policy, and healthcare risk management. With over 40 years of industry experience and 20 years in education, Gouker is both a scholar and practitioner, offering healthcare organizations guidance on business tools and techniques that help organizations protect IT and data assets. In addition to teaching and advising, Gouker is an SC Media Columnist on current events in healthcare cybersecurity.
Gouker received a bachelor's degree in chemical engineering from Worcester Polytechnic Institute, a master's in business administration from the University of Houston, and a doctorate in applied management and decision sciences with a specialization in information systems management from Walden University.
Carter Groome, MBA, NACD.DC, CDE-H, is the Founder and the Chief Executive Officer of First Health Advisory, a global cyber resilience consultancy. He brings 29 years of health cybersecurity, digital transformation, and strategic advisory experience to advocate for the industry at large, serve boards, and the company client base.
As CEO, Groome is able to draw upon his provider, consulting, and vendor background to benefit First Health's commercial and government clients. Groome began his health technology focused career at Adventist Health System, implementing and optimizing various Electronic Health Records and best in class ancillary systems. Through that time and into his consultative career, he became more involved in systems integration, enterprise interoperability, and strategic planning at numerous healthcare organizations throughout the United States, leading to the founding of First Health in 2005.
Groome is an NACD.DC Certified Director, a sitting CHIME Board of Trustees Member (Education Chair), current Health Sector Coordinating Council Member, former AEHIS Board Member, former Children's Eye Foundation Board Member, HIMSS Risk Assessment Work Group Member, former CHIME Membership Committee Member and an education partner of the SANS Institute.
Groome is a 2024 recipient of the Baldrige Foundation Award for Leadership Excellence (Cybersecurity), and he holds a BS from the University of Arizona (Health Science) and an MBA from Johns Hopkins University.
About the Center for Professional Education
Discounts | FAQs | Registration & Payment | Policies & Procedures
