Cyber security in healthcare - key issues and trends
Cyber attacks have been on the rise in the past few decades. The reasons are numerous, but they all boil down to the increase in digitalization and the associated massive availability of data, rendering cyber security one of the major issues in today’s digitized world.
The number of cyber attacks in the healthcare sector has exponentially gone up in the past few years despite the industry’s comparatively low level of digitalization. The major drivers that have increased the exposure of the healthcare sector to cyber threats are:
- A fast-paced and ever-changing technological environment;
- A very heterogeneous IT landscape, partly caused by prolonged and labor-intensive digitization processes in hospitals;
- The existence of increasingly network-integrated medical devices.
The most frequently observed types of threats in healthcare are:
- The implementation of ransomware (for financial gain);
- The hacking of large databases that contain healthcare-related data to gain sensitive information on citizens;
- Attempts at influencing patients’ behavior – even though rather rare at the moment – by hacking (IoT-related) devices such as pacemakers.
So far, it can be safely stated that the cyber security approach of most healthcare organizations has been reactive and inefficient. However, PAC has a positive attitude towards the general digitalization process in healthcare, with extensive projects underway in many European countries. Furthermore, new technologies have proven to be beneficial; e.g., artificial intelligence can help turn the general cyber security approach of healthcare organizations from reactive to proactive by enabling the analysis of even small signals to anticipate upcoming threats in time. Blockchain technology with its decentralized and highly encrypted and secure structure can be suitable for healthcare data.
In its InBrief report, PAC provides an overview of the major cyber security risks and trends in the healthcare industry and gives some crucial recommendations for IT providers as well as IT buyers (subscription required!).