Health leaders devoting more money to defend against cyber attacks

A cybersecurity study from Claroty found that 78% of surveyed health care professionals reported experiencing at least one cybersecurity incident, with 60% of those having a moderate or substantial impact on care delivery, and 30% having sensitive data impacted in the past year.

In addition, for those hit by ransomware attacks, 25% of targeted organizations paid the ransom, with more than a third reporting around $1 million in recovery costs. The response to these threats is that 51% of respondents reported an increase in security budgets over the last year and a prioritization on the following threats:

1. Patching medical device vulnerabilities
2. Improving asset inventory management
3. Segmenting medical devices

“With 78% of health care operators reporting at least one cybersecurity incident in the past year, this is a full-on battle,” said Jan Lovmand, chief technology officer of cybersecurity firm BullWall, in a statement. “Ransomware attacks on health care facilities pose a grave threat to public health and safety.”

Lovmand says that ransomware attacks not only shut down delivery of critical medical services, causing care delays and jeopardizing patient lives, but also breach the sanctity of sensitive patient data.

“The aftermath of such attacks can be catastrophic, leaving hospitals grappling to recover their data and regain control over their systems,” says Lovmand. “Whether the ransom is surrendered or not, the toll in both financial losses and compromised patient care deals a crippling blow to these already strained institutions.”

Experts recommend all health care facilities take proper security measures, including training employees to recognize phishing attempts, and creating and maintaining off-site backups of all vital data.

This article was initially published by our sister publication, Medical Economics®.