Cybersecurity Resilience - The Vaccine Shot Healthcare Needs Against Evolving Threats

  • Published: February 12, 2024



The healthcare sector has always been a prime target for cybercriminals. The medical data of millions of patients, and even non-medical personal information such as Social Security numbers, dates of birth and addresses, is sold on the dark web. The attackers also demand hefty ransoms from the affected institution. Between the pressure to revamp security and the disruption of services in care facilities, each cyber attack can be costly: the global average cost of a data breach in 2023 was US$4.45 million. The number of healthcare cyber attacks recorded in 2022 averaged 1,426 per week.


Most of the time, these attacks are not successful. But they still cause financial losses, as the facility has to stall its services while it patches the vulnerability. This is why cybersecurity resilience becomes a crucial factor. Cybersecurity resilience refers to an organization’s ability to identify, respond to and recover from a cybersecurity threat. This is different from cybersecurity in healthcare, which focuses on the active protection of the system from cyber threats, and not the recovery aspect.


A many-headed monster – Cyber threats in healthcare


What makes it really difficult to prepare for cyber attacks is the fact that there are no rules of engagement, nor any way of predicting which weak link could be exploited. But attacks can largely be grouped into:


  1. Ransomware: According to this report, ransomware attacks in 2023 globally surged by 95% over the numbers in 2022. These attacks make the data in a hospital (like patient medical history, financial data and schedules) inaccessible to the healthcare facility. This disrupts the functioning of the affected facilities for as long as it takes to decrypt the data, or restore it from a backup.
  2. Phishing: Phishing is another prevalent cybersecurity threat in healthcare because it targets the human beings in the system. The attackers use seemingly innocuous emails that get the receiver to open them, infecting all the systems in the local network with malicious software. 
  3. Data breaches: Data breaches can happen at any stage where the data is vulnerable. From inadvertent use of third-party trackers to physical theft, there are many scenarios to be prepared for. A breach could lead to the exposure of sensitive patient information and substantial financial implications.
  4. Malware and DDoS attacks: The healthcare industry faces malware that compromises system integrity and the privacy of patients, and distributed denial-of-service (DDoS) attacks that disrupt facilities’ ability to provide patient care. The attackers usually then demand a ransom, and call off the attack only after they’re paid.
  5. Insider threats and business email compromise: Insider threats and business email leaks are also significant concerns for healthcare facilities, posing risks to the integrity and security of systems and sensitive patient data.


Again, a good way to compare cybersecurity resilience and cybersecurity in healthcare is to look at their respective approaches to tackling this situation. While cybersecurity focuses on finding solutions to each of these types of attacks, cybersecurity resilience develops a holistic approach internally to become immune to any kind of attack, known or unknown.


Cybersecurity resilience in 2024:

  1. Securing IoMT devices: Recent attacks have shown a drop in phishing and a rise in attacks that exploit software vulnerabilities to enter the system. This leaves a hospital with several interconnected Internet of Medical Things (IoMT) devices vulnerable, especially because most devices in use in a hospital are very likely to still be using their default passwords. While it’s really hard to get visibility on all IoMT devices in a care facility, it is possible to go over all of them and make sure they are individually secure to ensure fundamental security hygiene.
  2. Navigating regulatory compliance: The regulatory landscape is constantly evolving, and with the upcoming NIST Cybersecurity Framework 2.0, healthcare providers must take the time to upgrade their security, and also train the workforce to keep up with the changes. These upgrades will help strengthen security across the board. For instance, the NIST CSF 2.0 has cybersecurity supply chain risk management integrated into it.
  3. Leveraging AI & automation of cybersecurity: Advanced malware can evade detection by constantly mutating and, it turns out, machine learning could be the best solution. AI models can be trained to identify anomalies, make recommendations and execute actions required to freeze the attack in its tracks. Machine learning can also help in swiftly scaling security solutions, making the system resilient almost instantaneously.



Compare the healthcare facility to a human body. If all the equipment, servers, infrastructure and staff represent parts of the human body, then cybersecurity resilience would be the immune system of the body. Every part of the body must be resilient, or it becomes the weak link through which attacks paralyze the entire system. This also includes third-party vendors who handle sensitive patient data like insurance details and medical history. Care providers must rigorously ensure compliance with a unified strategy of digital health security across all fronts to remain immune in the coming years.


About us

Reveal HealthTech provides specialized engineering, clinical model, and strategy support to healthcare organizations. With decades of expertise in healthcare data protection, we work with providers across the country to help them set up robust cybersecurity infrastructure to stay resilient to cyber threats.