Incident Response for Health Care IT: Differences and Drivers


Threat actors continue to target the health care industry. IBM’s Threat Intelligence Index for 2022 rates the industry as the sixth most targeted. That puts it close behind the energy and retail and wholesale sectors. Certain regions seem to be more prone to attack as well. The Asia-Pacific region accounted for 39% of all health care-related attacks, while North America trailed next at 33%. Coming as no surprise, ransomware is the leading known method of attack, representing 38% of cases.


Some other noteworthy attack methods are:


Business email compromise
Vulnerability exploitation
Server access
Credential harvesting
Misconfigurations
Phishing
Stolen credentials.

These methods should not shock readers; many of them are responsible for most cybersecurity incidents. But what makes the health care industry different? Specifically, what are the unique challenges the industry faces?


Unique Needs for the Health Care Industry


Health care attacks are particularly expensive for the victim. However, the consequences go far beyond cost. Health care organizations are particularly at risk because of: 


The need for a fast response
Types of data handled
Types of devices used and service delivery methods
Investment, awareness and business drivers.

As with everyday operations, knowing your risk tolerance is vital to successful decision-making and execution. With lives at stake, risk tolerance could be expected to be low, but attacks keep happening and they are successful. Many of the health care industry’s unique challenges are, in fact, non-technical. Let’s take a look. 


Need for Speed


A perfect example related to preparedness comes out of an Immersive Labs study, the