Skip Navigation
BlackBerry Blog

6 Cybersecurity Challenges Facing Healthcare [New Research]

CYBERSECURITY / 11.10.22 / Gary Davis

New research reveals the latest obstacles to robust cybersecurity in healthcare. The list starts with budget constraints and ends with securing data in the cloud — with several additional obstacles identified along the way. We explore these in more detail, below.

When it comes to medical data and devices, the stakes could not be higher. If a threat actor steals patient records, no one can just cancel them and issue a new set like you can after credit card numbers or email credentials get stolen in a breach. Stolen medical records have forced some clinics to go out of business and led to blackmail attempts against patients.

And a cyberattack against medical technologies and the IT infrastructure that support doctors and nurses can quickly escalate from a cyber incident into a real-life health emergency.

Cybersecurity in the Healthcare Sector

Today, medical IoT, sometimes called the “internet of medical things” (IoMT), connects devices and systems throughout the healthcare ecosystem — from nurse call systems and connected medical machinery and diagnostics to wearables that monitor patient vital signs and other Wi-Fi-enabled devices. In fact, Deloitte forecasts the IoMT market reaching $158 billion in 2022, up from $41 billion in 2017. Adding to this challenge is that many of these devices are brand new, while some are actually quite old.

Figure 1 – IoMT flow diagram (source: Embedded Computing)

As the IoMT grows in size and complexity, security risks grow exponentially. And attacks against the healthcare sector are also rising.

The Department of Health and Human Services (HHS) says data breaches against healthcare organizations increased 84% from 2018 to 2021. Recent data from the FBI's Internet Crime Complaint Center (IC3) shows that the health sector accounts for 25% of ransomware complaint victim reports across all 16 critical infrastructure sectors.

Moreover, the average cost of a data breach in healthcare recently reached $10.1 million, more than any other industry vertical.

This is why it is so crucial to hear from the medical industry itself about the challenges faced when trying to securely enable a complex environment.

6 Healthcare Cybersecurity Struggles

What are the headwinds confronting teams that strive to build and maintain a strong cybersecurity posture at their organizations? To answer this question, BlackBerry surveyed more than four hundred IT and cybersecurity leaders in the U.S., Canada, and U.K.

Below are the top obstacles reported by those in the healthcare sector.

1. Budget Constraints
83% of respondents agree that building an effective cybersecurity program is expensive, due to the required tools, licenses, and personnel

2. Lack of Incident Response Planning
Among industries surveyed, respondents in healthcare were the least likely to say that they have an incident management process to handle cyber threats or breaches. One in three say they’re unprepared to respond to a breach.

3. Limited Detection Capabilities
Only 45% of respondents believe their organization has the knowledge, tools, and visibility to detect and respond to zero-day and other advanced threats.

4. Alert Fatigue 
Many respondents report being overwhelmed by security alerts. This is a common problem across all industry verticals. In healthcare, 50% say they do not have the capacity to handle the daily deluge of alerts generated by their security tools.

5. Cybersecurity Talent Gap
In a world where threats never stop, nearly four-in-ten (38%) respondents say they lack the security teams and tools to be effective 24x7x365.

And 77% agree that the amount of work to create a dedicated security operation center (SOC) is daunting.

6. Challenges With Cloud Security
42% of respondents cited cloud storage and cloud applications as the two most difficult aspects of the digital environment to protect.

These are significant hurdles, to be sure, but our BlackBerry research also revealed some hopeful signs that organizations are taking steps to improve their security posture.

One area of managed services growth relates to extended detection and response (XDR). XDR solutions expand on the core functionality of endpoint detection and response (EDR) solutions by unifying the detection and analysis of threats across an organization’s entire digital environment. XDR solutions also equip security teams with a cohesive, holistic view of their entire technology landscape.

However, XDR comes with a major challenge — one that was underscored in our research. It takes significant resources — time, budget, and personnel — to implement XDR effectively. This is another place where managed services can significantly help bridge the gap. (Read Midmarket Game Plan: Shore Up Security and Resilience with Managed XDR to explore this topic.)

The Future of Cybersecurity in Healthcare

The Health Care Industry Cybersecurity Task Force, consisting of U.S. government and private sector healthcare and security leaders, called for the industry to avoid tradeoffs when it comes to cybersecurity:

If the health care system is connected, but insecure, this connectivity could betray patient safety, subjecting them to unnecessary risk and forcing them to pay unaffordable personal costs. Our nation must find a way to prevent our patients from being forced to choose between connectivity and security.

So how can we avoid risky tradeoffs as the complexity of securing the healthcare sector — and the scale of the medical internet of things — increase? This is certainly challenging as hospitals and clinics remain under pressure to adopt leading-edge medical technologies — and leanly staffed cybersecurity and IT teams are expected to secure them in an “always live” production environment.

Zero Trust in Healthcare

One idea is to consider a zero trust networking approach (ZTNA) to help with authentication challenges. According to the “Report on Improving Cybersecurity in the Health Care Industry” created by U.S. government and industry collaboration, clinicians in a hospital setting are typically required to access multiple computers — located throughout the facility — up to 70 times per shift as they care for patients.

With traditional security, once access has been granted, it typically persists either permanently or for a set period of time. Shortening the period of authentication, and/or requiring manual reauthentication each time a user changes devices or locations, can improve security, but it will negatively impact the user’s experience and productivity. However, lengthening the authentication period buys threat actors extra time to access a compromised account.

In contrast to these scenarios, zero trust effectively automates the process by continuously monitoring user behavior, and validating that they and their devices have the proper privileges and attributes to remain “trusted.”

Managed Security Services in Healthcare

Another thing that can help is increasing your use of managed services. Implementing new security technologies and processes takes time and resources. And the escalating onslaught of cyberattacks targeting healthcare providers means those organizations are working against the clock to implement necessary changes to better protect themselves.

This is precisely why so many healthcare companies are turning to managed services, to help them increase their security “coverage,” reduce risk and staff burnout, without overextending their budget. Perhaps this is just the prescription your organization has been seeking?

Gary Davis

About Gary Davis

Gary Davis is Chief Cybersecurity Advocate at BlackBerry.