Why is the healthcare sector at high risk for cyber-attacks?
The healthcare sector is a particularly attractive target for cyber-attacks. It has been reported that personal health information is 50x more valuable on the black market than financial information1. While financial information such as credit card numbers can be changed, personal health information usually follows one throughout their lifespan. The healthcare sector houses several important “assets”2 such as:
- Confidentiality and Integrity of patient’s health records: Health records include patient’s private information (e.g. health-related information, credit card details) that may be of value to data thieves in abusing such information for financial gain. Moreover, if records can be maliciously altered, this may impact patient care as well.
- Availability of healthcare services: Cyber-attacks may cripple healthcare and administrative services which disrupt healthcare institutions’ ability to deliver appropriate patient care in a timely manner.
- Reputation: Healthcare service providers, like all other businesses, pride themselves in ensuring brand and image equity. Any inability to avert and manage cyber-attacks has a direct impact on service provider’s reputation.
Cyber-attacks on healthcare records, IT systems and medical devices are a major cause for concern for our healthcare providers, ranging from hospitals, nursing homes, clinical laboratories, medical chains to group and solo medical and dental practices. Cyber-attacks are also increasingly sophisticated and can lead to widespread implications. Hence, it is essential for all healthcare organisations to prioritise efforts to raise their cybersecurity posture and put in the required resourcing and manpower to enable this.
1 Source: Cybersecurity Ventures
2 Adapted from source: 2016 Report by Independent Security Evaluators (ISE): Securing Hospitals: A research study and blueprint