Premium Reports
Contact KLAS
 Download Report    Zoom in charts



Related Series

 No Related Series

Related Segments

Related Articles

 End chart zoom
Healthcare IoT Security 2020 Healthcare IoT Security 2020
* A page refresh may be necessary to see the updated image

Healthcare IoT Security 2020
Great Options in an Emerging Market (A Decision Insights Report)

author - Joe VanDeGraaff
Joe VanDeGraaff
author - Dan Czech
Dan Czech
November 9, 2020 | Read Time: 18  minutes

Adoption of security solutions for the healthcare internet of things (IoT) continues to grow as healthcare organizations look for ways to understand and manage the risk associated with connected devices. In most deployments, the focus has shifted from securing mainly medical devices to covering both medical devices and the broader IoT devices found in healthcare settings. As the market matures, organizations are also beginning to look beyond core capabilities—where most solutions are comparable—to factors like cost, ROI, expertise, and vendor culture when making buying decisions. With many strong options in the market, the bar for vendors is high. KLAS spoke with 51 healthcare organizations to understand which vendors are being selected and why and to glean early insights into customer satisfaction.

healthcare iot solution capabilities

Medigate, Ordr Emerge as Leaders in Growing Healthcare IoT Market

As the buying wave of healthcare IoT solutions continues, strong technology offerings and numerous new wins in the last year have established Medigate and Ordr as leaders in the growing market. Picking up steam and showing rapid growth since last year, Medigate’s technology delivers detailed information to customers through device-fingerprinting capabilities. While the healthcare-specific vendor historically focused solely on medical devices, organizations that have recently selected Medigate point to the vendor’s expanded IoT capabilities as a plus. When Medigate is not chosen, organizations cite concerns over price or challenges during the sales cycle. Customers who recently chose Ordr, whose market share has consistently grown year over year, were drawn to the breadth and number of devices Ordr can detect and the highly granular visibility the solution provides. Feedback on the user experience is mixed, though customers say that once users are properly trained, the tool drives deep insights. Ordr’s culture of flexibility and willingness to partner stand out as reasons they are selected. Some prospective customers passed over Ordr in favor of other vendors they saw as having a deeper knowledge of medical devices.

estimated unique healthcare contracts vs. rate of consideration
overall decision energy healthcare iot security

Palo Alto Acquisition of Zingbox Creates Uncertainty

overall performance score 2019 vs. 2020Zingbox—acquired by Palo Alto Networks in fall 2019—was the early market leader. They continue to be considered in most decisions, but a majority of prospective clients select other vendors, in large part due to uncertainty about Zingbox’s future under Palo Alto Networks. This uncertainty, a perceived pause in product development following the acquisition, and continuing sales-process inconsistencies are top reasons potential customers do not choose Zingbox. KLAS has spoken to two organizations that have replaced Zingbox in the past year due to concerns about the acquisition. Zingbox, with their broad IoT focus, is seen by those that select them as having a useful product with strong technology and usability. Price concerns were mentioned by prospective customers less often this year than in 2019. The limited performance data from current customers shows that satisfaction has dropped by almost 10 points year over year, putting Zingbox behind others in this high-performing market—customers cite decreased responsiveness from and increased turnover among Zingbox employees.

Concerns about Armis’ Technology Abilities Driven by Sales Team; New Entrant Cylera Makes a Dent with Strong Healthcare Team and Relationships

Cross-industry vendor Armis is increasingly considered in healthcare IoT security decisions; today, their traction in the healthcare industry is average. KLAS validated very few organizations that selected Armis. Those that did select them cite good technology and the ability to broadly discover both IoT and medical devices. Organizations that looked at Armis but chose another vendor report challenges with the sales team occasionally overstating what the solution can do, specifically regarding medical devices—some tied this to a lack of healthcare expertise. Potential customers say sales personnel also left them with unresolved concerns. Cylera signed their first customers in early 2020. While continuing to develop their technology to be on par with competitors’, Cylera has established an early market presence by leveraging a strong team of healthcare IoT experts and a CEO who is seen by clients as very engaged. This strong leadership from Cylera has instilled trust and confidence in the vendor’s direction and ability to deliver on promises. Organizations that didn’t select Cylera point to concerns about the maturity of the company and the product.

reasons vendors were selected reasons vendors were not selected

Asimily and Up-and-Coming Sensato Leverage Healthcare Expertise for Early Traction

Asimily has continued to grow and acquire customers in the last year. Organizations that select Asimily appreciate the vendor’s honesty about what they will and won’t do and how development requests fit into the product road map. Current customers see Asimily’s networking and healthcare expertise as differentiators. The vendor’s responsiveness, especially from the CEO, enables quick issue resolutions and is frequently mentioned by customers. The scalability of this responsiveness remains to be seen. Asimily is often selected when considered, but they have less broad mindshare compared to other major healthcare IoT security vendors. Sensato Cybersecurity Solutions has leveraged their unique offering—SOC managed services paired with a device-discovery tool—to gain some early wins and satisfy customers. Customers often point to the CEO’s healthcare background and the company’s overall healthcare expertise as differentiators. They also appreciate the value that comes from having 24/7 monitoring of their environments done by the Sensato team rather than costly resources of their own. Purchase decisions in which Sensato is considered often involve vendors outside the core group of healthcare IoT security vendors, such as SIEM and SOC vendors.

CyberMDX and Cynerio See Overall Slow Market Traction

KLAS-validated considerations and new wins of healthcare-focused vendors CyberMDX and Cynerio have been much lower than that of most other commonly considered vendors. CyberMDX, who had early market energy, still receives moderate consideration but is chosen less often. When selected, CyberMDX is chosen for the quality and responsiveness of their staff. Prospective customers that chose another vendor say they had trouble seeing the value of the CyberMDX product; a couple passed over CyberMDX due to poor recommendations from device manufacturers and peers. Cynerio is primarily selected by smaller organizations, and while they recently released broader capabilities, they are perceived to be mainly focused on medical device discovery. This is concerning to organizations with broader, more long-term needs for IoT security. Expertise is another area for improvement—organizations that considered Cynerio report they would have been leaned on too heavily to direct the product road map rather than being directed by the vendor’s experts. Some also mentioned aggressive sales tactics. Organizations that selected Cynerio did so for a variety of reasons, including strong technology and ease of use.

vendor snapshots healthcare iot security

Top Considered Vendors at a Glance
Only those vendors who were considered by three or more interviewed organizations are detailed below.


Gaining traction in healthcare but still lags behind cross-industry players Ordr and Palo Alto Networks (Zingbox). Selected for their technology and its broad application to both IoT and IoMT devices, giving customers broad visibility. Reasons not selected include lack of medical device focus and significant challenges with sales team.

vendor performance scorecard armis

thumbs up“During our proof of concept, we identified value from the appliances right away. The vendor led us through some investigations that we would not have had visibility into without Armis. The solution demonstrated value right away. The original use case was for inventory medical devices, but we really liked the visibility the solution gave us into everything. I want to say the primary use case now is visibility into our network. The 100% visibility is what we love about the product. We don’t have east-west visibility, so that is the main driver for having the product.” —Security manager

thumbs down“We looked at Armis. We had several demos from Armis. They did not make our initial cut because they had a lot of features in development. Their salespeople loved to pitch those features to us, but then the technology people would kind of pull them back during the presentation to clarify that the features wouldn’t be ready for a few months. The product seemed a little too fresh at the time that we looked at it. . . . We also didn’t want a vendor that was too generic and wouldn’t really know the medical device space because we also have a lot of IoT devices.” —Security manager


Early traction, including contracts with several large IDNs and some interest from clinical engineering. Selected for honesty in setting expectations about development road map. CEO is actively involved, though some have concerns about scalability of frequent executive touch points. Not widely considered, though often chosen when considered. Passed over by one organization out of concern Asimily was too immature. Current customers report high satisfaction due to service and support response times and a high-quality product.

vendor performance scorecard asimily

thumbs up“When I asked what the vendor’s future plans were, Asimily gave me a strong answer. Asimily is trying to put together a program where we would buy a piece of equipment and have them give us a security assessment before buying it so that we know what the faults are going to be before bringing the device online. That process would help us make better-informed purchasing decisions.” —Security manager

thumbs down“Asimily’s product seems to do a pretty decent job. A couple of my peers use the product, and they are very happy with it. The vendor seems to be responsive. But they are a small start-up, and I am not sure how far they have come or whether they have continued to evolve. The CEO seemed to be driving most of the engagements. The vendor’s tool set seemed promising.” —Clinical engineering director


KLAS-validated overall market traction has slowed from early energy in 2019. A few new validated selections driven by high-quality, responsive staff and technology that profiles devices in great detail. Reported reasons vendor is not chosen include inability to demonstrate value, poor technology quality, and reputation/reference challenges. Most of those that selected CyberMDX report satisfaction with delivery (customer satisfaction data comes from a limited sample). One organization reported a lacking experience with the vendor’s support and is actively looking at other solutions.

vendor performance scorecard cybermdx

thumbs up“CyberMDX seems to be best at profiling devices. They have lots of detailed information. We have validated that with our testing. MDefend can see from an IP address that a device is a Siemens 64-slice scanner. It knows what operating system it has and what hardware platform it is on. It can see where the device is located. The system can also profile nonmedical devices. It is very capable of managing those devices. CyberMDX has a broad range of people, some of whom came from auditing backgrounds. Their policies are driven by that variety. It is a strength for them. CyberMDX is responsive and engaged, and they know the right questions to ask.” —Clinical engineering director

thumbs down“CyberMDX was just so new. They know how to do security better than anyone. I did a deep dive with them. The problem was that they were too new in how they were doing things. There were too many gaps in their delivery model. CyberMDX was too small. Their product wasn’t intuitive. It required some learning and education. The vendor didn’t have the optimization piece totally figured out; they were just building it, and that was a key piece that I wanted. The vendor was figuring out how to get all of the different biomed vendors into the system, but the vendor that we selected had all of them already.” —Security director


Healthcare-focused vendor just beginning to acquire customers in 2020. Selected for a strong team including a responsive, engaged CEO and healthcare IoT experts. Product not yet seen as a differentiator, though leadership team fosters trust in future development. Company and product maturity are challenges cited by those who don’t select Cylera, who are looking for more substance from the company.

vendor performance scorecard cylera

thumbs up“My overall process was really intensive. We were looking at different initiatives and started hearing from a company called Cylera. One of the vendor’s chief security officers is a very respected individual in the cybersecurity sector. I was able to meet the vendor’s entire team, and the team members are phenomenal people. We created a proof of concept, and it was absolutely phenomenal.” —CIO

thumbs down“We briefly looked at Cylera, and they didn’t focus on vulnerabilities. A lot of other companies [besides the vendor we chose] were making big claims about how they could do everything and how we couldn’t live without them, but there was no real meat to what they were delivering. I haven’t come across any peers that are using Cylera’s product.” —Clinical engineering director


Healthcare-focused vendor with traction among smaller healthcare organizations. Growth has been slow. Organizations not selecting them cite their primary focus on medical devices, see broader IoT as a gap. Prospective customers also mention aggressive sales tactics. Selected for technology and (as in 2019) a strong user experience.

vendor performance scorecard cynerio

thumbs up“We went with Cynerio because they were amazing in how they accommodated us for our proof of concept. They actually sent an appliance over, and we got it installed and configured. The vendor worked closely with us to understand and use the system. The system didn’t capture all of our network traffic, but it captured a good chunk of it. The technology was really solid, and we wanted to keep looking at it.” —Security manager

thumbs down“The vendor claimed that the product had every feature, but when I asked them to show me the product, it didn’t have every feature. The vendor said they had plans for putting in features in the future. The vendor wasn’t focusing on everything; they were focusing on medical devices only. The vendor said they were working on giving the ability for organizations to detect other IoT devices but that the ability would come at an additional cost.” —Security manager


Healthcare focused but has also successfully met customer needs for broader IoT visibility. Technology is primary driver for selection, mainly regarding detailed information gleaned from the fingerprinting and profiling capabilities. Not selected because of pricing inconsistencies and sales tactics. High customer satisfaction. Has successfully scaled during period of growth. Regular touch points with vendor representatives make support needs nearly nonexistent. Responsiveness of vendor team helps organizations overcome issues due to insufficient training resources.

vendor performance scorecard medigate

thumbs up“Two things stood out about Medigate, and that is why we chose them. First, the detailed information that we received from the medical devices was deep, and the information gave us a lot of enrichment of data. That really came to light when our biomed people looked at the product and felt that they could use the information to understand the utilization of different scanners. The other big thing was the vendor’s flexibility in terms of working with our hospital directly to provide quick changes. Medigate is a young company, but they provide very quick changes to their entire system. We were almost a part of the development and strategy team as the vendor built out the system.” —CISO

thumbs down“We just didn’t like the sales team. Having a good sales team is important because the sales team has a major impact on our decision to purchase the product. The tool was a little too flashy and not technical enough. It would probably work in some environments that are vendor dependent, but we have a technical background, so we didn’t go with it.” —Security director


Ordr, who has contracted with some of the largest health systems, has continued to be one of the market leaders in terms of wins and considerations for the second straight year, resulting in their current leading market share. Breadth of devices detected along with granular details seen as a positive for those that select Ordr. Integrations help drive value with the solution. Vendor culture and partnership continue to be decision drivers (also cited in 2019). Satisfaction with user experience varies—cited both as a reason for selection and a reason for not selecting. Also passed over due to perceived lack of healthcare expertise. Current customers report high satisfaction with the tool, though it can be complex. Some UI challenges would be helped by more training from the vendor.

vendor performance scorecard ordr

thumbs up“We fell in love with Ordr’s system. We feel pretty comfortable moving in that direction because the system really isn’t that invasive. I thought I was dreaming when I learned that Ordr’s system could do application detection and create an inventory of applications in use. We know the ports and protocols, and between us and Ordr, we could create that inventory over time using their machine learning process. The way that Ordr labels their tabs is common sense. We can tab through the different things and what they are going to do. The system can talk to an infinite number of devices, and it knows which devices are talking to each other and which devices are talking to which ports. With that information, we can establish baselines and tell the system to alert us anytime something goes outside the norm.”  —CISO

thumbs down“Our decision came down to Ordr and the vendor we ultimately selected. Ordr’s product is excellent, but the GUI wasn’t intuitive. I was very blunt when we announced to Ordr why we didn’t select them. Their application reminded me of an application that was designed by engineers for engineers. It took me weeks of deep diving to figure out the logic and how to get reports. I eventually figured things out, but we needed an application that was easy to get into and easy to train on.” —IT manager

Palo Alto Networks (Zingbox)

2019 market leader. Suffering from the effects of acquisition by Palo Alto Networks. Product still seen as strong and competitive. Current customers report decreased support and responsiveness. Two validated replacements of Zingbox due to the acquisition. Many that considered Zingbox but chose a competitor report concerns about the vendor’s stability through the acquisition and their focus going forward. Sales team inconsistencies still a challenge. Past concerns about pricing structure appear to have been resolved. Organizations that selected Zingbox mention a strong product and the breadth of their offering, including both IoMT and broader IoT.

vendor performance scorecard palo alto networks (zingbox)

thumbs up“We looked at other vendors, and they didn’t show as much promise as Zingbox did. We liked the ease of use of the tool and the easy integration with it. The tool is good and accurate. It quickly helped us with a couple of issues that we didn’t even know we had. Zingbox gave us a much better deal than other vendors did.” —CISO

thumbs down“We started looking at Zingbox before the Palo Alto Networks acquisition. However, the fact that Palo Alto Networks was able to buy a huge player in the market for less than what we thought the company was worth made us shudder a bit. We thought there must be some internal things going wrong at Zingbox with money or with management. We didn’t really know, but that acquisition kind of gave us a weird feeling. When Zingbox was purchased, the people we had talked to previously were either exiting the company or shifting to different roles. Things got dropped internally. Eventually, some Palo Alto Networks people came back to us and asked whether we needed help. The Palo Alto Networks acquisition kind of soured the product, along with the shakiness of the deal itself and the support that we were receiving afterwards. We just didn’t get a great feeling about Zingbox, both in terms of the customer support and the continuing development process.” —Security manager

Sensato Cybersecurity Solutions

Healthcare-focused vendor with a unique combination of software product and managed SOC services, leading to early market traction. Leadership team’s healthcare experience and expertise a driver for early wins, along with value and peace of mind from 24/7 monitoring. One prospective customer who chose a different vendor over Sensato mentioned a perceived focus on sales without the ability to articulate value. Current customers report high satisfaction and see Sensato as a natural extension of their team, allowing them to focus resources elsewhere.

vendor performance scorecard sensato cybersecurity solutions

thumbs up“We landed with Sensato Cybersecurity Solutions because they are very focused on healthcare IT security and not across multiple industries. Their business is healthcare IT security; they don’t claim to be a consulting firm that is just offering healthcare IT security as an additional option. The solution was also affordable; it was more affordable than the other vendors’ solutions that I have worked with and very comprehensive, too. The vendor does not just offer medical device security; our entire network has been monitored.” —CIO

thumbs down“Sensato Cybersecurity Solutions seemed to make a big splash. My impression of them was that they were very focused on sales. They were pushing how big vulnerabilities were and how the world was going to crash, but there weren’t any real solutions or clarity as to how they would deliver the work and understand the threat. That pushed me away from the vendor. One of my peers was looking to go with Sensato Cybersecurity Solutions, and I got the sense that the peer was only looking because of a previous relationship with the vendor. Vendors need to demonstrate their merit and stand on their own.” —Clinical engineering director

About This Report

Data for this report comes from two sources: (1) KLAS Decision Insights data and (2) KLAS performance data.

KLAS Decision Insights Data

All references in this report to organizations’ purchasing motivations come from KLAS’ Decision Insights data. Since 2017, KLAS has been gathering information as to which vendors are being replaced, considered, and purchased and what factors drive these decisions. KLAS Decision Insights data does not represent a comprehensive census or win/loss market share study. Rather, it is intended to help provider organizations understand which vendors have market energy and why.

KLAS Performance Data

Each year, KLAS interviews thousands of healthcare professionals about the IT products and services their organizations use. These interviews are conducted using a standard quantitative evaluation, and the scores and commentary collected are shared in reports like this one and online in real time so that other providers and IT professionals can benefit from their peers’ experiences.

To supplement the data gathered with this standard evaluation, KLAS also creates various supplemental evaluations that target a subset of KLAS’ overall sampling and delve deeper into the most pressing questions facing healthcare technology today.

The quantitative performance data in this report comes from standard evaluations, and additional customer comments were collected in a supplemental evaluation. Both types of data were collected over the last 12 months; the number of unique responding organizations for each vendor and evaluation type is given in the table to the right.

about this report

What does "Limited Data" Mean?

Some products are used in only a small number of facilities, and some vendors are resistant to providing client lists. Thus a vendor’s sample size may not reach KLAS’ required threshold of 15 unique respondents. When a vendor’s sample size is less than 15, the score for that vendor is marked with an asterisk (*) or otherwise designated as “limited data.” If the sample size is less than 6, no score is shown. Note that when a vendor has a low number of reporting sites, the possibility exists for KLAS scores to change significantly as new surveys are collected. Overall scores are measured on a 100-point scale and represent the weighted average of several yes/no questions as well as other questions scored on a 9-point scale.

author - Amanda Wind Smith
Amanda Wind Smith
author - Madison Moniz
Madison Moniz
author - Robert Ellis
Project Manager
Robert Ellis
 Download Report

This material is copyrighted. Any organization gaining unauthorized access to this report will be liable to compensate KLAS for the full retail price. Please see the KLAS DATA USE POLICY for information regarding use of this report. © 2024 KLAS Research, LLC. All Rights Reserved. NOTE: Performance scores may change significantly when including newly interviewed provider organizations, especially when added to a smaller sample size like in emerging markets with a small number of live clients. The findings presented are not meant to be conclusive data for an entire client base.