For the past 11 years, the healthcare industry has been the most impacted by data breaches. In fact, the average total cost of a breach increased from $7.13 million in 2020 to $9.23 million in 2021, a 29% increase in just one year, per the 2021 Cost of a Data Breach report.
Unfortunately, cyberattacks in this sector are not just limited to financial, regulatory, or reputational impacts. They also directly put patient safety at risk. For example, in 2019, Israeli researchers showed that medical scans are vulnerable to being edited and manipulated.
In 2021, Swisslog, a pneumatic tube supplier, experienced a widespread firmware vulnerability that put thousands of hospitals at risk for ransomware attacks. If hackers can tamper with CTs or MRIs, they can also lead to misdiagnosis, insurance fraud, ransomware, cyberterrorism, and incorrect medical procedures or surgeries.
The healthcare industry needs to improve its cyber risk management. This is possible if it shifts from a traditional reactive cybersecurity approach to a predictive approach. The cornerstone of adopting a proactive strategy is to understand an organisation’s real-time, objective breach-likelihood.
