Insights

July 6, 2023

Understanding Healthcare’s Cybersecurity Problem

With its wealth of sensitive patient information, healthcare has emerged as a prime target for hackers seeking to exploit valuable personal data. For 12 consecutive years, it has been the top industry targeted by data breaches. In 2022, the average total cost of a breach in healthcare increased from $9.23 million to $10.10 million in 2022 (a 9.4% increase).

Yet healthcare is one of the most highly regulated industries and is considered critical infrastructure by the US government. What is it that’s making healthcare such a malleable environment for hackers to infiltrate

What makes the healthcare industry so vulnerable?

Healthcare organizations collect and store a myriad of personally identifiable information (PII), including medical records, insurance details, and financial data. This rich repository of data makes the healthcare sector an attractive target for cybercriminals due to its potential uses in identity theft, insurance fraud, and illicit medical activities.

However, there are several factors that affect healthcare’s information security protection, including:

  • Inadequate Cybersecurity Infrastructure: Many healthcare institutions lag behind in implementing robust cybersecurity measures, partly due to budgetary constraints and complex legacy systems. This deficiency leaves them exposed to sophisticated hacking techniques, including ransomware attacks and phishing schemes.
  • Human Error: The healthcare industry relies heavily on human intervention, increasing the risk of inadvertent errors that compromise data security. Employees may fall prey to social engineering tactics, inadvertently disclose sensitive information, or mishandle critical data, providing hackers with an entry point.
  • Data Sharing and Interoperability: As healthcare becomes more interconnected and data sharing becomes necessary for seamless patient care, the risk of breaches magnifies. Each integration point and data exchange presents an opportunity for cybercriminals to infiltrate the network.

Responding to threats

In order to adequately respond to threats, healthcare institutions must take on the mindset of “when” instead of “if.” Even with a lack of resources, there are still measures you can take to protect your institution from these attacks. These include:

  • Enabling strong spam filters to prevent phishing emails from reaching end users
  • Third party cybersecurity assessments
  • Updating and patching software and hardware
  • Locking down Remote Desktop Protocols (RDP)
  • Validating remote access to the organization’s network
  • Requiring multi-factor authentication for privileged or administrative access
  • Confirming the organization’s entire network is protected by antivirus/antimalware software
  • Testing backup procedures to ensure critical data can be rapidly restored if the organization is impacted by ransomware or a destructive cyberattack
  • Ensuring data is backed up, encrypted, and immutable

Additionally, comprehensive employee training programs should be implemented to educate healthcare staff about the importance of data security, best practices for handling sensitive information, and how to identify and report potential threats. In 2022, 74% of successful breaches included “the human element,” with stolen credentials, phishing, and exploitation of vulnerabilities being the top ways criminals were able to gain access. Therefore, employee cybersecurity training should cover topics such as phishing awareness, password hygiene, and social engineering.

We’re here to help

Healthcare’s unique vulnerability stems from its possession of vast amounts of valuable and sensitive patient information. By fortifying cybersecurity infrastructure, prioritizing employee education, and adopting proactive measures, healthcare institutions can better protect patient data, ensuring the industry remains a trusted guardian of personal information in the digital age.