Healthcare under attack

One in five healthcare organisations reported a change in senior leadership (21%) or lawsuits (19%) as attack consequences, compared to 13% among other sectors surveyed.

Netwrix surveyed 1,309 IT and security professionals globally and today released findings for the healthcare sector based on the data collected.

It reveals that 84% of organisations in the healthcare sector spotted a cyberattack on their infrastructure within the last 12 months. Phishing was the most common type of incident experienced on premises, similar to other industries. Account compromise topped the list for cloud attacks: 74% of healthcare organisations that spotted a cyberattack reported user or admin account compromise.

“Healthcare workers regularly communicate with many people they do not know — patients, laboratory assistants, external auditors and more — so properly vetting every message is a huge burden. Plus, they do not realise how critical it is to be cautious, since security awareness training often takes a back seat to the urgent work of taking care of patients. Combined, these factors can lead to a higher rate of security incidents,” says Dirk Schrader, VP of Security Research and Field CISO EMEA at Netwrix.

A cyberattack resulted in financial damage for 69% of healthcare organisations, compared to 60% among other industries. One in five healthcare organisations that suffered an attack experienced a change in senior leadership (21%) or lawsuits (19%) as a result, compared to 13% for each of these outcomes among all industries surveyed.

“Due to the sensitivity of the protected health information (PHI) data, breaches can cause severe concerns among the general public and various stakeholders. On top of that, healthcare is a highly regulated industry where organisations face strict penalties for non-compliance. Together, these factors lead to a higher-than-average likelihood of lawsuits. At the same time, organisations can feel pressured to change IT or even executive leadership to signal their commitment to addressing security issues and rebuilding trust,” says Ilia Sotnikov, Security Strategist at Netwrix.

Brivo has launched Brivo Security Suite. The unified platform simplifies security management by...
Cloud defenders are gaining ground as the cloud landscape comes into focus, with 92% of...
The newest releases of WSO2 Identity Server, Asgardeo IDaaS, and Private Identity Cloud add...
Mphasis has formed a strategic partnership with SecPod a SaaS-based cybersecurity products and...
Dragos has released the Dragos 2025 OT/ICS Cybersecurity Report, our 8th Annual Year in Review, the...
F5 Application Delivery and Security Platform converges high-performance traffic management and...
New report from Drata shows the growing complexity of GRC and mixed sentiments on AI.
CrowdStrike has released its 2025 Global Threat Report, exposing the growing aggression of...