
Healthcare cybersecurity spotlight

24 July 2025

Healthcare cyber security series

Cybersecurity in healthcare

Cyber-criminals continue to target industries where there are huge financial rewards, one of the most prominent being health and human services in the UK. The healthcare industry is particularly vulnerable because of a potentially:

  • under-staffed, overstressed workforce;
  • weakened critical infrastructure.

This situation leaves healthcare institutions exposed to the risk of cyber threats and compromised patient care.

Healthcare leaders and pharmaceutical companies are now seeing the real value of cybersecurity solutions. They are utilising emerging technologies to combat potential cyber threats.[1]

With the expansion of the remote workforce, detecting and preventing social engineering scams has become more difficult. While the increase in distractions when working from home has been widely discussed, physical separation from the workplace also presents key challenges. Without a co-worker nearby to talk to, healthcare employees are less likely to do a 'sense check' of a suspicious email.[2]

The importance of cybersecurity training and awareness

Cyber-crime is more sophisticated than ever, and your employees are your first line of defence. To nurture a culture of regulatory compliance in your business, you need to conduct regular risk assessments. Additionally, training your staff on healthcare cybersecurity and patient safety will help reduce the risk of human error causing any cyber incidents.

Start with building awareness, ensuring your staff understand the security risks. This includes what suspicious activity looks like and how to protect patient records.

Why is the health sector so lucrative for cyber-criminals?

In 2024, the healthcare sector saw a 21% increase in cyber attacks from the year before, and a colossal 216% increase from 2022. The healthcare sector always seems to be a firm favourite with cyber-criminals. NCC Group's ransomware database has consistently ranked healthcare services in the top five most targeted sectors across 2022, 2023, and 2024.[2]

The electronic data systems used by the healthcare sector have a great many users and many points of access. Those accessing highly sensitive data on these health systems are most often nurses and doctors who work long shifts and may be sleep deprived. This means healthcare systems are particularly vulnerable to scammers looking to take advantage of employees. According to NCC Group, only 40% of healthcare organisations provide cyber risk awareness training.[2]

Medical systems sometimes go without adequate data security updates for years. This makes hospitals and healthcare providers even more susceptible to evolving cyber threats and cyber attacks.

Sound familiar? If so, it’s time to put a plan in place to safeguard your sensitive information, intellectual property (IP), reputation – and money!

What is the cost of a healthcare data breach or cyber attack?

According to IBM’s Cost of a Data Breach Report 2024, the global average cost of a cyber breach in healthcare is now $9.77 million. This is 67% higher than the global average of all other industries studied.[3]

Costs associated with remediation will usually account for the largest chunk of the total. Costs can be mitigated by:

How to build cyber resilience

Protecting your business from cyber-crime and data breaches doesn’t need to be expensive. A modest investment in training and process changes can be invaluable in facing your business's cybersecurity challenges. It can also help reduce the likelihood of falling victim to cyber attacks.

1. Alert employees

Make employees, particularly those in accounting, finance, HR, and benefits, aware of these scams through security awareness campaigns and available cyber threat intelligence. Provide periodic anti-fraud training that teaches all employees to detect and avoid phishing and social engineering scams.

2. Establish an out-of-band verification process

Require confirmed identity of any person requesting a funds transfer, a change to banking information, or payment instructions. This also applies to requests for access to critical data such as tax and payroll information.

  • Require voice verification for all changes involving banking information.
  • Don’t trust contact details provided in the request. If the request is fraudulent, the criminal will have supplied fake contact information too.
  • If the request is by email, call and speak to the person at a number you know to be correct.
  • If the request is by phone, use an email address you know to be correct.
  • Instead of using “Reply,” forward the email and type in the email address you know to be correct.

3. Set up multi-factor authentication (MFA)

MFA should be set up for any remote access to your email system, your VPN, your ACH system, and other sensitive applications. Many platforms now provide MFA at little or no cost.

4. Tell customers

Let your customers or clients know that you will not change banking instructions without authentication. They should treat any such request as possibly fraudulent.

5. Reduce email retention periods

Reducing email retention periods limits the amount of sensitive data held in email inboxes.

6. Consider implementing email security improvements

Examples include the Sender Policy Framework (SPF) email authentication standard or an advanced email threat protection product.
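SPF only helps if the published record is strict enough to reject spoofed senders, and a permissive record is a common misconfiguration. The following is an added example, not code from this article or from any vendor it mentions: a small Python audit routine that parses an SPF TXT record and flags the weak settings a defender should fix (a permissive or missing `all` mechanism, the deprecated `ptr` mechanism, exceeding the RFC 7208 limit of ten DNS-lookup terms, and mechanisms placed after `all`, which receivers ignore). The two records and the domain names in them are constructed for illustration and do not belong to any real organisation.

```python
"""Audit an SPF TXT record for settings that weaken spoofing protection.

Added example: the records below are constructed, not real DNS data.
"""

# Constructed sample records: a weak one and its hardened form.
WEAK_SPF = "v=spf1 include:_spf.mail.example.test a mx ptr +all"
HARDENED_SPF = "v=spf1 include:_spf.mail.example.test mx -all"

# Mechanisms and modifiers that each cost a DNS lookup (RFC 7208 section 4.6.4).
LOOKUP_TERMS = {"include", "a", "mx", "ptr", "exists", "redirect"}
MAX_DNS_LOOKUPS = 10


def parse_spf(record):
    """Split a record into (qualifier, name, argument) terms.

    Mechanisms get a qualifier of '+', '-', '~' or '?' (default '+').
    Modifiers such as redirect= or exp= get an empty qualifier.
    """
    tokens = record.strip().split()
    if not tokens or tokens[0].lower() != "v=spf1":
        raise ValueError("not an SPF record: missing v=spf1 version tag")
    terms = []
    for tok in tokens[1:]:
        if "=" in tok and tok[0] not in "+-~?":
            name, _, value = tok.partition("=")          # modifier
            terms.append(("", name.lower(), value))
            continue
        qualifier = "+"
        if tok[0] in "+-~?":
            qualifier, tok = tok[0], tok[1:]
        name, _, arg = tok.partition(":")
        name = name.split("/")[0].lower()                 # strip CIDR on a/mx
        terms.append((qualifier, name, arg))
    return terms


def audit_spf(record):
    """Return a list of (code, message) findings, most severe first."""
    terms = parse_spf(record)
    findings = []

    lookups = sum(1 for _, name, _ in terms if name in LOOKUP_TERMS)
    if lookups > MAX_DNS_LOOKUPS:
        findings.append(("lookup-limit",
                         f"{lookups} DNS-lookup terms exceed the limit of "
                         f"{MAX_DNS_LOOKUPS}; receivers return permerror"))

    all_positions = [i for i, (_, name, _) in enumerate(terms) if name == "all"]
    if not all_positions:
        findings.append(("no-all",
                         "no 'all' mechanism: unlisted senders get a neutral result"))
    else:
        qualifier = terms[all_positions[0]][0]
        if qualifier == "+":
            findings.append(("permissive-all",
                             "'+all' authorises every sender; SPF gives no protection"))
        elif qualifier == "?":
            findings.append(("neutral-all",
                             "'?all' is neutral; spoofed mail is not rejected"))

    if any(name == "ptr" for _, name, _ in terms):
        findings.append(("ptr-deprecated",
                         "'ptr' is deprecated by RFC 7208 and unreliable"))

    if all_positions:
        after = terms[all_positions[0] + 1:]
        if any(qual for qual, _, _ in after):            # mechanisms only
            findings.append(("terms-after-all",
                             "mechanisms after 'all' are never evaluated"))
    return findings


if __name__ == "__main__":
    for label, record in (("weak", WEAK_SPF), ("hardened", HARDENED_SPF)):
        print(f"{label}: {record}")
        for code, message in audit_spf(record) or [("ok", "no findings")]:
            print(f"  [{code}] {message}")
```

Run against the constructed weak record the audit reports `permissive-all` and `ptr-deprecated`; the hardened record, which ends in `-all` and drops `ptr`, produces no findings. A `~all` (softfail) ending is left unflagged here because it is a legitimate choice during rollout, but it only becomes an enforced reject once paired with a DMARC policy.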

Cybersecurity solutions

By implementing robust cybersecurity measures and regularly assessing your cybersecurity programs, healthcare organisations can better protect sensitive patient data. This approach also helps improve patient outcomes and maintain patient trust in an increasingly complex cyber landscape.


Sources

1. kpmg.com/cybersecurity-considerations-2024/report
2. nccgroup.com/healthcare-sector-at-high-risk-from-cyber-attacks-warn-experts
3. ibm.com/reports/data-breach