It’s fair to say that the global healthcare sector has been subjected to an array of cyberattacks as it deals with the Covid-19 pandemic.

Recent examples documented where the healthcare sector has seen cyberattacks include:

  • Brno University Hospital in Czech Republic, which is one of the country’s Covid-19 testing centers and was struck by ransomware resulting in the postponement of surgeries.
  • The US Department of Health and Human Services that suffered a Distributed Denial of Service (DDoS) attack intended to disrupt the organization’s responses to the Covid-19 pandemic.
  • Increased phishing website hacking attempts on the World Health Organization (WHO) and its Partners.

There are many other examples and it’s a clear indication of effort by hackers/criminals initiating cyberattacks on the healthcare sector. Having said this, GlobalData’s recent engagement with leading global Managed Security Service Providers (MSSPs) indicates that due to hacker ethical reasons the level of attacks on the Healthcare sector is much lower than other verticals like B2B.

Network vulnerabilities in healthcare

The healthcare sector’s reliance on the Internet as its IT backbone is a key reason it is the subject of cyberattacks. This covers Hospital Information Systems (HIS) entailing Laboratory Information Systems (LIS), Policy and Procedure Management Systems (PPM), Personal Health Records (PHR), Radiology Information Systems (RIS) and more importantly email servers. This also covers a number of endpoint devices entailing various patient monitoring equipment that either connects to the internet or via legacy dispersed networks that are often unpatched. From an Enterprise Architecture (EA) perspective having tighter integration across the IT environment is positive in terms of the organization being more agile and having tighter data integration. However, it makes the network vulnerable to cyberattacks such as email phishing, ransomware, DDoS and network data breaches.

Healthcare spending more on cybersecurity

Despite the challenges faced by enterprise IT and security heads in the Healthcare sector, in the last two years’ leaders have demonstrated a desire to take positive steps to increase security measures across enterprise IT and networks. GlobalData is also seeing a greater proportion (5-10%) of the IT budget spent on cybersecurity.

However, a number of barriers still exist in providing greater levels of security. These include the rapid emergence of new threats, lack of security policies across the organization, complex configuration of endpoint devices, and networks of which some are within the legacy environment. In our view organizations in the healthcare sector must not be complacent and should consider options to address the security gaps that currently exist in their IT ecosystem and look for early wins, particularly across:

  • Workstations and servers
  • Healthcare networks, particularly legacy systems
  • Remote working (securing DNS and multi-factor authentication)
  • Endpoint devices (Endpoint detection protection and response)
  • Security policies and procedures
  • Hospital Information Systems (HIS), including Personal Health Records (PHR)

From a vendor perspective, GlobalData is seeing a lot of emphasis in Security vendors’ marketing capabilities in the Healthcare sector, particularly around:

  • Increased defenses and providing resiliency to email servers.
  • Cloud connectivity and providing security across a Software as Services (SaaS) environment.
  • Remote working (Endpoint devices).
  • Re-enforcing best practice policies and procedures.

Threat protection needs to be evaluated

In addition, there have been a number of portfolio announcements from vendors, covering Microsoft’s protection of critical healthcare services from ransomware (REvil) through Microsoft threat protection services, Accenture providing perimeter security to NHS UK through the use of Palo Alto Networks and Imperva platforms, and GE Health launching its Skeye offering in Feb 2020, a managed solution providing management, security and integration of devices on the healthcare network through a dedicated Security Operations Center (SOC).

In response, enterprise IT and security heads should further evaluate vendor’s capabilities around threat protection, particularly across email servers (phishing and ransomware), breadth of portfolio coverage in addressing cloud and endpoint security through a platform-centric approach, and flexibility in offering favorable pricing arrangements.



Download the full report from
GlobalData's Report Store

View full report

GlobalData is this website’s parent business intelligence company.