With technology moving at breakneck speeds and healthcare firms often being chronically understaffed, the industry is facing something of a cybersecurity crisis, a new report has claimed.
After surveying 150 IT and IT security decision-makers from healthcare organizations around the world, SailPoint found that almost all (93%) suffered an identity-related security breach in the last two years.
The findings add that firms in the healthcare industry are facing more attacks than ever before, most of which can be attributed to compromised identity attempts.
Many challenges ahead
To tackle the issue, businesses should focus on AI-enabled identity security, says the company selling AI-enabled identity security solutions. That being said, SailPoint says healthcare firms struggle to implement the technology due to a lack of flexibility in integration (43%), a lack of skills needed to make the change (42%), and a lack of resources. Roughly two in five struggled to maintain compliance with laws and regulations, while a third (30%) couldn’t get senior buy-in.
Still, by not implementing the new technology, SailPoint argues, businesses are risking operational downtime, compromised accounts and endpoints, revenue loss, stolen company data, and reputational damage.
One of the more sickening examples was the attack on a COVID-19 hospital in the Czech Republic back in May 2020, which rendered the facility unable to transfer information from key clinical systems to its database and was adjudged serious enough to switch off IT systems and shift acute patients to an alternative facility.
SailPoint is hardly the only one discussing the problem. A recent report from Check Point Research says that just in 2022, the number of cyberattacks grew by more than a third (38%) year-on-year.
Healthcare is among the most targeted industries, mostly because the firms had their hands full with the COVID-19 crisis. In fact, for the third quarter of 2022, the healthcare industry suffered 60% more attacks compared to the same quarter in 2021, averaging about 1,400 attacks per organization per week, the same company found.