Healthcare under attack

One in five healthcare organisations reported a change in senior leadership (21%) or lawsuits (19%) as attack consequences, compared to 13% among other sectors surveyed.

  • Wednesday, 22nd January 2025 Posted 6 months ago in by Phil Alsop

Netwrix surveyed 1,309 IT and security professionals globally and today released findings for the healthcare sector based on the data collected.

It reveals that 84% of organisations in the healthcare sector spotted a cyberattack on their infrastructure within the last 12 months. Phishing was the most common type of incident experienced on premises, similar to other industries. Account compromise topped the list for cloud attacks: 74% of healthcare organisations that spotted a cyberattack reported user or admin account compromise.

“Healthcare workers regularly communicate with many people they do not know — patients, laboratory assistants, external auditors and more — so properly vetting every message is a huge burden. Plus, they do not realise how critical it is to be cautious, since security awareness training often takes a back seat to the urgent work of taking care of patients. Combined, these factors can lead to a higher rate of security incidents,” says Dirk Schrader, VP of Security Research and Field CISO EMEA at Netwrix.

A cyberattack resulted in financial damage for 69% of healthcare organisations, compared to 60% among other industries. One in five healthcare organisations that suffered an attack experienced a change in senior leadership (21%) or lawsuits (19%) as a result, compared to 13% for each of these outcomes among all industries surveyed.

“Due to the sensitivity of the protected health information (PHI) data, breaches can cause severe concerns among the general public and various stakeholders. On top of that, healthcare is a highly regulated industry where organisations face strict penalties for non-compliance. Together, these factors lead to a higher-than-average likelihood of lawsuits. At the same time, organisations can feel pressured to change IT or even executive leadership to signal their commitment to addressing security issues and rebuilding trust,” says Ilia Sotnikov, Security Strategist at Netwrix.

SolarWinds report suggests IT leaders underestimate the impact of broken processes and limited staff.
CISPE appeals Broadcom's VMware acquisition approval, citing competition risks and exclusion of smaller providers.
Red Hat introduces updates to streamline partner interactions, focusing on specialisation and demand generation for enhanced synergy.
Cynomi's 2025 State of the vCISO Report reveals AI's profound impact on service delivery and the burgeoning opportunities in the cybersecurity sector.
By Artur Martins, CISO | Cybersecurity Strategy Executive Advisor, Logicalis.

Adarma collapses into administration, losing 173 jobs

Posted 1 week ago by Aaron Sandhu
Cybersecurity firm Adarma has collapsed into administration, resulting in 173 job losses after financial struggles and investor withdrawal brought...
Acronis partners with Metrofile Cloud to enhance disaster recovery, offering advanced solutions tailored for Southern Africa's business landscape.
Network disruptions cost UK businesses millions, prompting renewed focus on connectivity and related IT investments.