Top

Cybersecurity in healthcare, key trends to monitor

Cybersecurity in healthcare: As revealed by the latest industry reports, in 2023, the healthcare sector was the fourth most affected by successful cyber-attacks after Manufacturing, Professional/Scientific/Technical, and ICT. It accounted for 9% of the total number of incidents reported, registering 624 globally, more than double the number in 2022 (304), and the trend was growing.

Customer information is valuable for identity theft and blackmail; despite this, many healthcare systems are still operating with traditional technologies. The sector is undergoing rapid modernization: adopting new technologies can help dramatically improve outcomes, while innovative care delivery models make the care experience much more enjoyable for patients. However, these approaches introduce a new level of risk: an attack surface that is becoming larger and more complex to protect. Understanding the key drivers of healthcare transformation today is critical to ensuring digital transformation and delivering the quality of care patients deserve.

Growth in remote care

Telemedicine and remote patient monitoring are revolutionizing the care experience. Patients, especially those with disabilities or living in underserved communities, enjoy better access to care.

While innovations such as remote care optimize the delivery of patient-centred care, they also introduce new cybersecurity challenges. Remote care requires access to medical records, protected health information, virtual visits and remote patient monitoring devices delivered through multiple channels: data centres, cloud providers and SaaS. Security teams must also manage IT infrastructure and connectivity between hospitals and patients. Ultimately, this shift towards decentralized care delivery models extends the attack surface and complicates protecting the entire network.

The proliferation of connected devices

Connected devices, medical and non-medical, now constitute a significant part of the hospital network. These include MRI machines, IV pumps, blood pressure monitors, laptops, security cameras, and even HVAC systems, to name but a few. To avoid data compromise and patient safety risks, it is necessary to protect these connected devices from start to finish.

Cybersecurity in healthcare, key trends to monitor
Cybersecurity in healthcare, key trends to monitor

Having complete visibility into various devices can be extremely difficult, especially for providers offering distributed care models. Devices are often connected to complex healthcare IT environments in medical centres, remote clinics and patients’ homes. This extends the range of endpoints, making each device a potential target for cybercriminals. To further complicate the problem, many IoT and IoMT devices critical to care operations are highly insecure.

Growing complexity of medical IT environments

Applications and services are now hosted in data centres and the cloud or provided by SaaS providers, while doctors provide care from anywhere, using a range of connected medical devices. Many of these run on outdated operating systems that often cannot be patched or protected effectively. Security teams manage these increasingly complex IT environments requiring significant technical resources. Healthcare companies often attempt to protect this digital landscape by adding point solutions that provide a single security function. However, these products generally lack integration and cohesion, further increasing complexity.

Securing the digital transformation in healthcare

Today’s healthcare cybersecurity cannot be based on one-off, unconnected solutions. Continuous care delivery requires a unified approach designed to identify and prevent known and unknown threats in real time. How do you achieve this while protecting your environment in an ever-changing threat landscape? Three areas should be prioritized: delivering care securely from anywhere, securing connected devices, and simplifying security through consolidation.

Antonino Caffo has been involved in journalism, particularly technology, for fifteen years. He is interested in topics related to the world of IT security but also consumer electronics. Antonino writes for the most important Italian generalist and trade publications. You can see him, sometimes, on television explaining how technology works, which is not as trivial for everyone as it seems.