Healthcare under attack

One in five healthcare organisations reported a change in senior leadership (21%) or lawsuits (19%) as attack consequences, compared to 13% among other sectors surveyed.

Netwrix surveyed 1,309 IT and security professionals globally and today released findings for the healthcare sector based on the data collected.

It reveals that 84% of organisations in the healthcare sector spotted a cyberattack on their infrastructure within the last 12 months. Phishing was the most common type of incident experienced on premises, similar to other industries. Account compromise topped the list for cloud attacks: 74% of healthcare organisations that spotted a cyberattack reported user or admin account compromise.

“Healthcare workers regularly communicate with many people they do not know — patients, laboratory assistants, external auditors and more — so properly vetting every message is a huge burden. Plus, they do not realise how critical it is to be cautious, since security awareness training often takes a back seat to the urgent work of taking care of patients. Combined, these factors can lead to a higher rate of security incidents,” says Dirk Schrader, VP of Security Research and Field CISO EMEA at Netwrix.

A cyberattack resulted in financial damage for 69% of healthcare organisations, compared to 60% among other industries. One in five healthcare organisations that suffered an attack experienced a change in senior leadership (21%) or lawsuits (19%) as a result, compared to 13% for each of these outcomes among all industries surveyed.

“Due to the sensitivity of the protected health information (PHI) data, breaches can cause severe concerns among the general public and various stakeholders. On top of that, healthcare is a highly regulated industry where organisations face strict penalties for non-compliance. Together, these factors lead to a higher-than-average likelihood of lawsuits. At the same time, organisations can feel pressured to change IT or even executive leadership to signal their commitment to addressing security issues and rebuilding trust,” says Ilia Sotnikov, Security Strategist at Netwrix.

New platform streamlines cyber risk assessments, delivering meaningful improvement roadmaps for...
Cyber firm pleads with enterprises to wake up to the data security crisis before financial and...
Zscaler has published the Zscaler ThreatLabz 2025 VPN Risk Report, commissioned by Cybersecurity...
Other key findings show an increase in crypto miner detections, a spike in zero-day malware, a drop...
96% of organizations attacked by ransomware said backups were targeted.
Platform delivers the industry's most comprehensive protection for all non-human identities that...
N-able UEM solutions now deliver a single, unified view to identify, prioritize, and report on...
Forcepoint has completed its acquisition of Getvisibility, a pioneer in AI-powered Data Security...