Cyber Security in Healthcare: 5 ways to stay secure

The healthcare industry has consistently been one of the most heavily targeted sectors for cybercrime. Health records fetch more on criminal markets than most other personal data, including bank credentials, because a single record combines identity, insurance and medical details that cannot simply be reissued the way a compromised card can. As we discussed in our previous insight on data analytics, healthcare organisations store large amounts of data that are vital to the delivery and improvement of patient care. When this data is compromised, the consequences can be disruptive at best and life-threatening at worst.

In 2017, a global ransomware outbreak saw 80 out of 236 NHS trusts in England affected. The malware, known as WannaCry, cost the NHS an estimated £92 million in lost output and IT expenses, according to a government report. More recently, in August 2022, a ransomware attack on an NHS software supplier put patient data at risk and disrupted key NHS services, including systems used for ambulance dispatch.

The rapid shift to virtual healthcare and digital monitoring in recent years, alongside remote working, has widened the attack surface and contributed to a sharp increase in cyberattacks on the sector. Across all industries, cybercrime is predicted to cost businesses $10.5 trillion a year globally by 2025. Protecting systems and information is more crucial now than ever. This insight covers 5 ways to enhance cyber security in the healthcare industry.

1. Protect sensitive information with multi-factor authentication

According to research by the UK National Cyber Security Centre (NCSC), a lack of secure identity management policies is the main cause of data loss. Protecting confidential information and patient records is critical to ensure that all services keep running.

Attackers obtain passwords mainly from credential dumps from earlier breaches (which are then tried against other services), from lost or stolen devices, and by luring users to fake login pages through links in email or text messages (phishing and smishing). Multi-factor authentication (MFA) is the first essential step to protecting data.

MFA, including two-step verification, requires users to present two or more independent factors (something they know, something they have, something they are) before an account or application is opened, so a stolen password alone is not enough. Not all factors are equal: SMS and app-generated one-time codes can be phished or relayed in real time by an attacker sitting between the user and the real site, whereas FIDO2 security keys and passkeys bind the login to the genuine site and resist that attack. Many MFA and conditional-access platforms also record the device and approximate location of each sign-in, so an attempt from an unfamiliar device or country can trigger an alert to the user, an extra verification step, or an outright block.

[Infographic: total predicted cost of cybercrime by 2025]

2. Create a secure network for medical devices against data breaches

With the rise of the Internet of Things (IoT), new connected medical devices are gaining popularity and improving outcomes in the delivery of care. However, every connected device is also an entry point, and IoT devices present a distinct security risk.

According to a US study by the Healthcare Information and Management Systems Society (HIMSS), at least 20% of healthcare delivery organisations experienced a cyberattack related to an IoT device in 2021, and this number is on the rise.

Most medical IoT devices run embedded or vendor-locked operating systems on which endpoint protection agents cannot be installed, and they are patched only when the manufacturer ships new firmware, which may happen rarely or never. That makes them an easy foothold: an attacker who compromises one device can use it as a base from which to reach the rest of the network. Connected heart monitors and insulin pumps are two widely used device types that have been the subject of published security advisories.

[Infographic: connected heart monitors and insulin pumps as attack targets]

A ransomware attack on a hospital in the US made headlines in 2021 when court filings alleged that a baby born during the attack, with her umbilical cord wrapped around her neck, died months later as a result of brain damage. According to the filings, the problem would normally have been picked up from the fetal heart-rate monitors, but staff could not see the readings because the monitoring displays they relied on were down during the attack.

Although this is a rare occurrence, it highlights how serious the consequences of a cyberattack on a clinical environment can be. Organisations in the UK are equally vulnerable, experiencing an average of 785 weekly cyberattacks as of August 2022. The strongest protection is to put medical devices on their own segmented network: a dedicated VLAN or zone, a firewall that allows each device class to reach only the servers it actually needs, no direct internet access, no device-to-device traffic, and continuous monitoring so that any connection outside that allow-list raises an immediate alert.
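The monitoring side of such a segmented device network can be expressed as a per-device-class allow-list checked against flow records. The following is an added example written for this article, not ROCK's code or any firewall product's logic: the subnets, device inventory, permitted destinations and the `key=value` flow-log format are all assumptions chosen for the illustration, and the sample log lines are constructed. The segment firewall would enforce the same policy; this script turns every flow that breaks it into an alert, including the device-to-device traffic that signals lateral movement.

```python
"""Allow-list monitoring for a segmented medical-device VLAN (added example)."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional

# Hypothetical addressing: devices on 10.20.0.0/24, clinical servers on 10.10.0.0/24.
DEVICE_SUBNET = ipaddress.ip_network("10.20.0.0/24")

# Per device class: the only (destination, port, protocol) tuples it may initiate.
POLICY = {
    "infusion_pump":   {("10.10.0.5", 443, "tcp"),    # pump management server, HTTPS
                        ("10.10.0.9", 123, "udp")},   # internal NTP
    "patient_monitor": {("10.10.0.7", 2575, "tcp"),   # HL7 gateway
                        ("10.10.0.9", 123, "udp")},
}

# Asset inventory: every address on the device VLAN must be a known device.
INVENTORY = {
    "10.20.0.11": "infusion_pump",
    "10.20.0.12": "infusion_pump",
    "10.20.0.31": "patient_monitor",
}


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    dport: int
    proto: str


def parse_flow(line: str) -> Flow:
    """Parse one 'key=value' flow record (a format assumed for this example)."""
    fields = dict(token.split("=", 1) for token in line.split())
    return Flow(fields["src"], fields["dst"], int(fields["dport"]), fields["proto"].lower())


def check_flow(flow: Flow) -> Optional[str]:
    """Return an alert message if the flow breaks policy, else None."""
    if ipaddress.ip_address(flow.src) not in DEVICE_SUBNET:
        return None  # not initiated by a device; outside this policy's scope
    device_class = INVENTORY.get(flow.src)
    if device_class is None:
        return f"unknown host {flow.src} is talking on the device VLAN"
    if (flow.dst, flow.dport, flow.proto) in POLICY[device_class]:
        return None
    if ipaddress.ip_address(flow.dst) in DEVICE_SUBNET:
        # Devices never need to talk to each other; this is the lateral-movement pattern.
        return f"{device_class} {flow.src} -> peer device {flow.dst}:{flow.dport}/{flow.proto}"
    return f"{device_class} {flow.src} -> unexpected destination {flow.dst}:{flow.dport}/{flow.proto}"


def scan(lines: List[str]) -> List[str]:
    """Run every flow record through the policy and collect the alerts in order."""
    alerts = []
    for line in lines:
        alert = check_flow(parse_flow(line))
        if alert:
            alerts.append(alert)
    return alerts


# Constructed flow records: two in policy, three violations, one out of scope.
SAMPLE_LOG = [
    "src=10.20.0.11 dst=10.10.0.5 dport=443 proto=tcp",      # pump -> management server: ok
    "src=10.20.0.31 dst=10.10.0.9 dport=123 proto=udp",      # monitor -> NTP: ok
    "src=10.20.0.11 dst=10.20.0.31 dport=445 proto=tcp",     # pump -> monitor over SMB: lateral
    "src=10.20.0.31 dst=203.0.113.7 dport=4444 proto=tcp",   # monitor -> host outside the estate
    "src=10.20.0.99 dst=10.10.0.5 dport=443 proto=tcp",      # address not in the inventory
    "src=10.10.0.5 dst=10.20.0.11 dport=8443 proto=tcp",     # server -> pump: not device-initiated
]

if __name__ == "__main__":
    for alert in scan(SAMPLE_LOG):
        print("ALERT:", alert)
```

Two design points matter in practice: the inventory must be complete, because an address on the device VLAN that nobody can account for is itself an alert, and the allow-list is deliberately written per device class rather than per device, so that adding a new pump means one inventory entry rather than a new set of rules.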

3. Implement secure solutions for collaborative and remote working

Care and social work are collaborative by nature. This means healthcare professionals need to be able to access information easily, remotely and from different devices. However, shared credentials and broadly granted access rights are a gift to an attacker: one compromised account can open everything.

Secure collaboration tools and clear data usage policies keep care processes running when an attack does happen. Just as important is audit logging: a tamper-evident record of who opened, changed or exported each patient record lets the organisation detect unauthorised access (for example, a clinician reading the records of patients who are not in their care) and reconstruct what happened when responding to an incident.
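What detection over such an audit log looks like in practice is shown by the following added example, written for this article and not taken from ROCK or from any electronic patient record product. The JSON event format, the care-list assignments, the bulk threshold and the time window are assumptions for the illustration, and every event is constructed. It applies two rules to record reads: a read of a patient outside the user's care list with no recorded break-glass justification, and more than a threshold number of distinct patients read by one user within a short window, which is the shape of a bulk export or a snooping session.

```python
"""Detecting unauthorised access in a patient-record audit log (added example)."""
import json
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, List, Set, Tuple

# Assumed care assignments: which patients each user is currently treating.
CARE_LIST: Dict[str, Set[str]] = {
    "nurse.a": {"P001", "P002", "P003"},
    "dr.b":    {"P002", "P004"},
}
BULK_THRESHOLD = 3                   # assumption: more distinct patients than this is suspicious
BULK_WINDOW = timedelta(minutes=10)  # assumption: the sliding window for the bulk rule


def detect(lines: List[str]) -> List[str]:
    """Return one alert string per violation, in log order."""
    alerts: List[str] = []
    reads: Dict[str, List[Tuple[datetime, str]]] = defaultdict(list)
    bulk_flagged: Set[str] = set()   # alert once per user, not on every further read

    for line in lines:
        event = json.loads(line)
        if event["action"] != "read":
            continue
        ts = datetime.fromisoformat(event["ts"])
        user, patient = event["user"], event["patient"]

        # Rule 1: patient outside the user's care list and no break-glass reason recorded.
        if patient not in CARE_LIST.get(user, set()) and not event.get("reason"):
            alerts.append(f"{event['ts']} {user} read {patient} outside care list with no justification")

        # Rule 2: distinct patients read by this user inside the sliding window.
        reads[user].append((ts, patient))
        recent = {p for t, p in reads[user] if ts - t <= BULK_WINDOW}
        if len(recent) > BULK_THRESHOLD and user not in bulk_flagged:
            bulk_flagged.add(user)
            minutes = int(BULK_WINDOW.total_seconds() // 60)
            alerts.append(f"{event['ts']} {user} read {len(recent)} distinct records within {minutes} minutes")
    return alerts


# Constructed audit events, one JSON object per line.
SAMPLE_LOG = [
    '{"ts": "2022-09-01T09:00:00", "user": "nurse.a", "patient": "P001", "action": "read"}',
    '{"ts": "2022-09-01T09:01:00", "user": "dr.b", "patient": "P001", "action": "read"}',
    '{"ts": "2022-09-01T09:02:00", "user": "dr.b", "patient": "P003", "action": "read", '
    '"reason": "break-glass: A&E admission"}',
    '{"ts": "2022-09-01T09:03:00", "user": "nurse.a", "patient": "P002", "action": "read"}',
    '{"ts": "2022-09-01T09:04:00", "user": "nurse.a", "patient": "P003", "action": "read"}',
    '{"ts": "2022-09-01T09:05:00", "user": "nurse.a", "patient": "P004", "action": "read"}',
    '{"ts": "2022-09-01T09:06:00", "user": "nurse.a", "patient": "P001", "action": "update"}',
]

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print("ALERT:", alert)
```

A break-glass read is deliberately not alerted here, because emergency access must never be blocked; it should instead go to a separate review queue so that every justification is checked after the fact. The log this runs over must also be written to a store the users being audited cannot modify, otherwise an insider can simply remove their own entries.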

Strict access rights are also essential in a hyperconnected, remote working environment. Limiting what is shared by email is a simple first step. Biometrics such as fingerprint or iris recognition can replace or supplement passwords on shared clinical workstations, but they must be tied to individual user accounts so that every action on a patient record remains attributable to one person.

Risk-based authentication (RBA) helps IT teams judge how trustworthy each sign-in is, using signals such as whether the device is managed and patched, where the request comes from, and whether the behaviour matches the user's history, and then restrict access to sensitive data accordingly. In the same spirit, access should follow the principle of least privilege: a computer that is only used to check email does not need rights to the patient records system, and an account that only needs to view records should not be able to export them.
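The device and location tracking described under MFA above and the risk-based authentication described here are two views of the same mechanism, illustrated by the following added example. It is written for this article, not taken from ROCK or from any identity provider: the scoring weights, the thresholds, the four-hour minimum travel time and the sign-in events are all assumptions chosen for the illustration. Each attempt is compared with the devices and countries seen on the user's previous successful sign-ins and with the time and place of the last one, and the score decides whether to allow, demand a second factor (and alert the user), or block.

```python
"""Risk-based sign-in evaluation with device and location history (added example)."""
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import List, Optional, Set, Tuple


@dataclass
class SignIn:
    user: str
    device_id: str   # e.g. an MDM-issued identifier or a registered browser
    country: str     # coarse geolocation of the source address
    when: datetime


@dataclass
class UserHistory:
    """Devices and countries seen on previous successful sign-ins."""
    devices: Set[str] = field(default_factory=set)
    countries: Set[str] = field(default_factory=set)
    last: Optional[SignIn] = None


# Hypothetical scoring policy: the values are assumptions, not taken from any standard.
WEIGHT_NEW_DEVICE = 2
WEIGHT_NEW_COUNTRY = 3
WEIGHT_IMPOSSIBLE_TRAVEL = 5
MIN_TRAVEL_HOURS = 4   # assumption: two countries cannot be reached faster than this
STEP_UP_AT = 2         # at or above this: demand a second factor and alert the user
BLOCK_AT = 5           # at or above this: refuse and alert the security team


def evaluate(attempt: SignIn, history: UserHistory) -> Tuple[str, List[str]]:
    """Return ('allow' | 'step-up' | 'block', reasons) for one sign-in attempt."""
    if not history.devices:
        # First ever sign-in: nothing to compare against, so enrol with a second factor.
        return "step-up", ["first sign-in: enrol device with MFA"]

    score, reasons = 0, []
    if attempt.device_id not in history.devices:
        score += WEIGHT_NEW_DEVICE
        reasons.append("unknown device")
    if attempt.country not in history.countries:
        score += WEIGHT_NEW_COUNTRY
        reasons.append("unknown country")
    last = history.last
    if (last is not None and last.country != attempt.country
            and attempt.when - last.when < timedelta(hours=MIN_TRAVEL_HOURS)):
        score += WEIGHT_IMPOSSIBLE_TRAVEL
        reasons.append(f"impossible travel from {last.country} within {MIN_TRAVEL_HOURS}h")

    if score >= BLOCK_AT:
        return "block", reasons
    if score >= STEP_UP_AT:
        return "step-up", reasons
    return "allow", reasons


def record_success(attempt: SignIn, history: UserHistory) -> None:
    """Update history only after the attempt fully authenticated, including any step-up."""
    history.devices.add(attempt.device_id)
    history.countries.add(attempt.country)
    history.last = attempt


def run_demo() -> List[str]:
    """Replay a constructed sequence for one user and return the decisions."""
    t0 = datetime(2022, 9, 1, 8, 0)
    attempts = [
        SignIn("nurse.a", "laptop-01", "GB", t0),                                 # enrolment
        SignIn("nurse.a", "laptop-01", "GB", t0 + timedelta(days=1)),            # routine
        SignIn("nurse.a", "phone-07", "GB", t0 + timedelta(days=1, hours=2)),    # new device
        SignIn("nurse.a", "laptop-01", "US", t0 + timedelta(days=1, hours=3)),   # one hour later, abroad
    ]
    history = UserHistory()
    decisions = []
    for attempt in attempts:
        decision, _reasons = evaluate(attempt, history)
        decisions.append(decision)
        if decision != "block":
            record_success(attempt, history)   # assume the user passed any step-up
    return decisions


if __name__ == "__main__":
    print(run_demo())   # ['step-up', 'allow', 'step-up', 'block']
```

Note that history is updated only after a fully successful sign-in: if an attacker's attempt were recorded on the strength of a correct password alone, their device and location would become "known" and the next attempt would sail through. The last attempt in the demo is blocked rather than stepped up precisely because a new country combined with a sign-in from Great Britain an hour earlier is not something a second factor should be asked to rescue.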

Finally, strong cryptography is essential for data in transit (TLS between clients, servers and devices) and at rest (encrypted disks and databases, with keys held separately from the data they protect), so that a stolen laptop or an intercepted connection does not expose patient records. These measures matter all the more because detection is slow: according to recent research, organisations in the UK take an average of 181 days to identify that a breach has happened, and a further 75 days to resolve the incident. That makes the UK the fifth fastest country to respond to cyber threats globally, but there is clearly room for improvement.

[Infographic: average time for UK organisations to identify a breach and to resolve a cyberattack]

4. Upgrade legacy systems to avoid malware

According to research, 83% of US healthcare organisations run on outdated IT systems and software, leaving them exposed to attacks that exploit known, already patched vulnerabilities. UK organisations are equally vulnerable. This puts data at risk, especially in hospitals. Keeping technology and infrastructure up to date is crucial to the delivery of care, but budget constraints can make upgrades difficult.

Additionally, healthcare professionals are often reluctant to accept system updates for fear they might disrupt their workflow and add unnecessary hurdles. Organisations need to make secure processes the easy ones. Platforms such as Microsoft 365 support straightforward authentication practices. In general, Single Sign-On (SSO) solutions give staff access to multiple applications with one set of login details, and, when MFA is enforced at the identity provider, concentrate strong authentication in one place instead of spreading weak passwords across many systems, limiting distractions from other vital tasks while prioritising cyber security.


5. Monitor mobile devices and encourage cyber awareness

Phones and other mobile devices are easily lost or stolen and often hold some of the most sensitive data: messages, photos, cached email and logged-in application sessions. A stolen device that is unlocked or weakly protected can hand an attacker stored passwords and live sessions, and from there a path into the wider network. Mobile devices should carry clinical data only where there is a genuine need.

Every device in use should be inventoried, kept updated, monitored, and isolated from the network at the first sign of suspicious activity. Devices should be enrolled in a mobile device management (MDM) platform that enforces a PIN or biometric screen lock, full-device and application data encryption, and remote lock and wipe for devices that are lost or stolen.

However, cyber security awareness is even more important. Across mobile and desktop devices, the IT estate of a healthcare organisation is difficult to manage centrally, and IT staff cannot be expected to watch every single device. Healthcare professionals need to take responsibility for the basics on their own devices wherever possible: installing updates, locking screens, and reporting a lost device immediately.

Recent research highlights that a growing number of ransomware victims choose to pay the ransom to get their data back. A lack of cyber awareness, and of tested backups held offline where the attacker cannot reach them, is a factor in this. Healthcare professionals should be educated on the most common forms of phishing and malware, since a single compromised device can be enough to infiltrate a network.

Many healthcare professionals still make avoidable mistakes such as clicking through to fake websites and opening email attachments without checking the sender or scanning the file. Following a few simple rules can make a difference without taking time away from other vital tasks. Adopting software that is easy to use and has a simple interface also makes it easier for employees to adhere to cyber security standards consistently.

Conclusion: the importance of cyber security in the healthcare industry

Cyber security is a top priority for the healthcare industry in the digital age. Protecting personal data allows for the smooth delivery of services and avoids reputational damage. Recent events have highlighted the disastrous impact of weak cyber security. Although investment in cyber security for healthcare in the UK grew by 7% in 2021, there is room for improvement.

Implementing a framework that focuses on security posture, methods for fighting cyber threats, and a plan for constant improvement is crucial. A solid cyber security strategy protects workers and patients while saving money and lives.

Our complimentary assessment will show which areas of your organisation are at highest risk and provide advice about how to improve your security.



“As the healthcare sector is adopting new technologies and navigating the digital age, the threat of cyber vulnerabilities is becoming more prevalent. It is imperative that they adopt a comprehensive cyber maturity framework that aligns to their ongoing strategy, as protecting staff and patient data is of the utmost importance.” - Ian Elsbury, Managing Director at ROCK.


  1. Altynpara, E. (2022) Cybersecurity and data protection in healthcare. Forbes, 15 February 2022 [Accessed 14 September 2022].
  2. Corker, J. (2021) 81% of healthcare organisations hit by ransomware last year. Infosecurity Magazine, 20 October 2021 [Accessed 15 September 2022].
  3. Cyber Security Policy (2018) Securing cyber resilience in health and care: Progress update October 2018. UK Government Department of Health and Social Care, October 2018 [Accessed 15 September 2022].
  4. Edward, G. (2020) The US is fighting Covid-19 with 83% of healthcare systems running on outdated software. AtlasVPN, 17 March 2020 [Accessed 15 September 2022].
  5. Haththotuwa, S. (2022) Healthcare sector facing 69% increase in cyberattacks. Business Leader, 15 August 2022 [Accessed 20 September 2022].
  6. HIMSS (2021) Healthcare Cybersecurity Report. HIMSS, 2021 [Accessed 15 September 2022].
  7. Milmo, D. (2022) NHS ransomware attack: What happened and how bad was it? The Guardian, 11 August 2022 [Accessed 14 September 2022].
  8. Morgan, S. (2020) Cybercrime to cost the world $10.5 trillion annually by 2025. Cybercrime Magazine, 13 November 2020 [Accessed 14 September 2022].
  9. O'Driscoll, A. (2022) UK cyber security and cyber crime statistics 2022. Comparitech, 1 August 2022 [Accessed 15 September 2022].
  10. Shrimali, R. (2020) How IoT is transforming the healthcare industry? Embedded Computing Design, 30 June 2020 [Accessed 16 September 2022].



© 2024 ROCK. All rights reserved.
