Healthcare under attack

One in five healthcare organisations reported a change in senior leadership (21%) or lawsuits (19%) as attack consequences, compared to 13% among other sectors surveyed.

Netwrix surveyed 1,309 IT and security professionals globally and today released findings for the healthcare sector based on the data collected.

It reveals that 84% of organisations in the healthcare sector spotted a cyberattack on their infrastructure within the last 12 months. Phishing was the most common type of incident experienced on premises, similar to other industries. Account compromise topped the list for cloud attacks: 74% of healthcare organisations that spotted a cyberattack reported user or admin account compromise.

“Healthcare workers regularly communicate with many people they do not know — patients, laboratory assistants, external auditors and more — so properly vetting every message is a huge burden. Plus, they do not realise how critical it is to be cautious, since security awareness training often takes a back seat to the urgent work of taking care of patients. Combined, these factors can lead to a higher rate of security incidents,” says Dirk Schrader, VP of Security Research and Field CISO EMEA at Netwrix.

A cyberattack resulted in financial damage for 69% of healthcare organisations, compared to 60% among other industries. One in five healthcare organisations that suffered an attack experienced a change in senior leadership (21%) or lawsuits (19%) as a result, compared to 13% for each of these outcomes among all industries surveyed.

“Due to the sensitivity of the protected health information (PHI) data, breaches can cause severe concerns among the general public and various stakeholders. On top of that, healthcare is a highly regulated industry where organisations face strict penalties for non-compliance. Together, these factors lead to a higher-than-average likelihood of lawsuits. At the same time, organisations can feel pressured to change IT or even executive leadership to signal their commitment to addressing security issues and rebuilding trust,” says Ilia Sotnikov, Security Strategist at Netwrix.

Bitdefender has released the 2025 Cybersecurity Assessment Report, an annual report based on an...
Barracuda Networks has launched Barracuda Managed Vulnerability Security - this fully managed...
Panasonic Information Systems Co. Ltd. has implemented the CyberArk Identity Security Platform to...
Bitdefender has agreed to acquire Mesh Security Limited (Mesh), a provider of advanced email...
New program empowers technology providers to deliver integrated, scalable security solutions...
Radically simplifies network operations, delivers exponential performance with next-generation...
Securonix has acquired ThreatQuotient, the force behind ThreatQ, an innovative external threat...
The pilot program allows faster, more transparent procurement for cloud software buyers.