CYBERSECURITY CHALLENGES FOR THERMOGRAPHERS—AND THE NEW PATH FORWARD

By Rob Milner

Every day, organizations face relentless cyberattacks from criminals and nation‑state groups looking to steal data, disrupt operations, or cause real‑world harm. Information Technology (IT) teams must defend against these threats while still enabling the business to run efficiently—a balancing act that grows harder each year.

For facilities running critical infrastructure like electricity generation, transmission & distribution, data centers, water systems, hospitals, and government buildings, cybersecurity isn’t optional. It’s a legal responsibility and a safety mandate. A single breach can trigger outages, expose sensitive information, create compliance violations, and lead to staggering financial loss.

Why the Threat Is Rising

0%

By 2024, 92% of global healthcare organizations had suffered at least one cyberattack

Healthcare: High Stakes, High Impact

Healthcare is now the most targeted industry on the planet. Ransomware attacks nearly doubled in the U.S. from 2022 to 2023, and by 2024, 92% of global healthcare organizations1 suffered at least one cyberattack.

These incidents don’t just shut down computers—they delay care, cancel surgeries, and put patient lives at risk. Major breaches cost millions, with healthcare posting the highest average breach cost of any industry for 14 straight years.

The May 2021 attack on Ireland’s health service crippled systems for weeks, and a 2024 attack on a major U.S. hospital network took 120 hospitals offline, costing ~$130 million in response and $0.9 billion in lost revenue.2)

Healthcare records are a treasure trove of personal data—making breaches highly damaging.

The average cost of a healthcare data breach is $7.42 million, the highest of any industry (healthcare has led in breach costs for 14 years running)2. Major breaches in recent years have exposed millions of patient records.

Beyond fines, these breaches carry risks of identity theft, insurance fraud, and violations of patient privacy regulations (such as HIPAA), so healthcare providers are under pressure to encrypt data and limit access.

1https://www.beckershospitalreview.com/cybersecurity/92-of-healthcare-organizations-experienced-a-cyberattack-in-2024.html

2https://news.un.org/en/story/2024/11/1156751

Utilities: the Front Line of National Security

Electrical utilities, pipelines, and energy producers are prime targets for nation-state adversaries. Russian-linked groups like Sandworm have already demonstrated the ability to cause real blackouts, as seen in Ukraine in 2015 and 2016.

In North America, attempted infiltrations of utility networks continue, often through compromised remote-access systems or vulnerabilities in IT/OT gateways.

Even when attackers don’t cause an outage, they may be planting footholds for future sabotage.

AI Is Accelerating the Threat

Since late 2022, AI-generated phishing, social engineering, and ransomware attempts have surged. Attackers are using AI to scale their operations; defenders are using it to detect and contain threats. The result is an AI-driven cybersecurity arms race where every industry must stay vigilant.

Understanding Data Security Requirements

Different industries face distinct rules for where data must reside and how securely it must be handled. Those rules affect thermography workflows, device usage, and vendor selection.

Here’s a simplified hierarchy:

  • Government & Defense: Strictest rules—data must remain in-country and often on-premises. Compliance standards include FedRAMP, NIST 800-171, NDAA.
  • Healthcare & Critical Infrastructure: High regulatory pressure (HIPAA, HITECH, NERC CIP, NDAA). Private cloud or on-prem preferred.
  • Financial Services: Moderately strict, with strong audit and encryption standards. (SOC2, PCI-DSS).
  • Commercial/Industrial: More flexibility—public cloud often acceptable.

Knowing these requirements helps customers choose inspection platforms that won’t create compliance headaches.

How Industry Is Responding—and Where They Struggle

To reduce cyber risk, many organizations have locked down their systems by:

  • removing wireless data transfer
  • banning USB devices
  • isolating facility networks
  • keeping inspection tools offline

While this increases cybersecurity, it cripples efficiency and effectiveness. In many facilities today, it can take days or even weeks for thermography findings to reach the people who need to act—a dangerous delay when equipment failures could threaten employee safety, public safety, or profitability.

Organizations need something better: fast, compliant, secure data flow that doesn’t introduce cyber risk.

Where Flir Technology Changes the Game

Flir has moved aggressively to meet customer cybersecurity expectations. With ISO 27001 certification, and modern secure workflows enabled by Assetlink and the Flir iXX Series, organizations can finally operate both efficiently and safely.

Assetlink: Secure, Supportive, Connected

This onboard app enables:

  • Fast, encrypted, two-way communication between software and camera
  • Clear guidance for inspectors (what to inspect, how to inspect, and what data to capture)
  • Consistency of data capture even with an inexperienced workforce
  • Instant report creation and dashboards for plantwide condition visibility
  • Deployment choice: Public Cloud, Private Cloud, or full On-Premises

The result is a platform that meets the cyber and compliance needs of many utilities, healthcare, government, and industrial facilities—without slowing down operations.

A Flir iXX-Series thermal cameras with the Assetlink app.

Public Cloud: secure multi-tenant environment (the same model used by banking apps)

Private Cloud: single-tenant, ideal for custom integrations On-Premises: full customer control when required by strict regulations

Meet Flir Assetlink

Whether you are conducting electrical, mechanical, or building inspections—or you're monitoring multiple assets with a thermal imaging camera—Flir Assetlink ensures data consistency and easy cloud integration. Available on all iXX-Series cameras, Assetlink helps you prepare for inspections, plan your routes, and connect thermal images to asset data—speeding up workflows and delivering valuable insights.

Register for Assetlink

iXX-Series Cameras: Secure by Design

iXX cameras can transfer data quickly via:

  • LTE cellular connectivity via major telecom carriers
  • Internal Wi-Fi networks

These cameras can be fully locked down using mobile device management (MDM)—the same protection model used for corporate smartphones.

This means even the most security-conscious facilities can safely adopt efficient, modern inspection workflows that increase efficiency, effectiveness, safety, and profitability.

"Once the data and images (from the iXX) are gathered on site, we can generate a report within five minutes. Once synchronized to the cloud, I can run the report and send it to the customer immediately from my location in the office. That whole process would previously take us 8-12 hours for a large job."

—Tyler Grant, Project Manager for Electrical Testing, Project Engineering, and Construction Safety, Blackmon Power

Key Takeaways

Cybersecurity requirements have tightened dramatically, especially in healthcare and electric utilities, to meet the ever growing threat posed by bad actors. Many facilities have restricted their data flow, sacrificing efficiency for security in the process. However, for thermography, this compromise is unnecessary, as Flir Assetlink and the iXX Series enable both—maintaining needed security and compliance, while facilitating inspection data movement.

Due to recent release of private cloud and on-premises hosting, organizations can meet strict data residency and network segregation requirements while maintaining encrypted wireless data transfer behind their firewalls. As a result, thermographers no longer need to choose between cybersecurity and operational excellence.