Cyberattacks are increasingly disrupting patient care and putting patient safety at risk. Data breaches have, for example, made emergency medical records inaccessible, diverted ambulances, delayed treatments, and canceled appointments and surgery. While data breeches flood the headlines, it’s not the only way cybercriminals can compromise patient safety. Attacks on fire protection systems can cause false alarms, loss of communication or denial of service, which can interrupt patient care and compromise safety. Fire protection systems are increasingly networked to Building Control Systems (BCS), Internet of Things (IoT), and other platforms that are, by design or oversight, exposed to the public-facing internet. This emerging environment exposes fire and life safety systems to unique and novel cyber vulnerabilities and attacks that have the potential for significant consequences. Any weak point in a building’s information technology infrastructure, including equipment, building systems, IoT devices and more, can be exploited and used as a pathway for attack. This session will review the expansiveness of cyber vulnerabilities for fire and life safety systems in health care facilities, the severity of consequences, tactics to mitigate these threats, the role of codes and standards, and how to reduce these risks.