This blog was written by an independent guest blogger.
The impact of ransomware attacks on healthcare is as alarming as it is under-addressed. The United States healthcare system alone faces an annual burden of nearly $21 billion due to these attacks. It pays well over $100 million in ransoms, and is beginning to acknowledge the tragic realities of impacted patient care, including higher patient mortality rates. For every headline related to cyberattacks, there are likely hundreds more that go unreported.
In a study released in 2021, IoT/IoMT devices were revealed to be the attack vector for 21% of ransomware attacks. In May 2022, CISA Senior Advisor Joshua Corman further documented the rising risks during a Senate HELP Committee hearing.
And in August 2022, the Ponemon Institute dove even deeper into the impact of insecure medical devices on hospitals and patients in their Insecurity of Connected Devices in Healthcare 2022 report. Statistics from the report show:
- 43% of respondents experienced at least one ransomware attack.
- 88% of cyberattacks involve an IoMT device.
- The average data breach cost is well over $1 million.
- Tragically, 24% of attacks result in increased mortality rates.
Seven out of ten respondents (71%) believe that very high security risks are created by these otherwise overwhelmingly beneficial marvels of modern medicine. Recognition of risk is a step in the right direction, although it is unfortunately more of a talking point than one of action.
Over half (54%) of respondents did not report senior management requiring assurances of properly addressed IoT/IoMT device risk. Even more concerning, two thirds (67%) don’t believe their devices are being patched in a timely manner - the most basic, widely accepted and often required action for nearly any healthcare environment.
The current landscape of most hospitals - battling an epidemic with exhausted staff, strained resources, limited cybersecurity expertise and massive bullseyes - makes them easy targets. A consolidated effort to improve hospital security is needed; AT&T, in partnership with Ivanti Neurons for Healthcare, offers specific solutions to support risk reduction through actionable guidance.
Reports demonstrate before-and-after security status, reflecting the improvements gained by taking action. Network segmentation recommendations integrate with existing NAC solutions, adding intelligence and visibility to the process. Dashboards quantify risks by device, manufacturer, hardware type, and OS, providing a strategy to fight cybercriminals who leave morbid results in their ceaseless drive for ransoms.
In as little as five days, a proof of value engagement will demonstrate a reduction in risk for your healthcare organization. For more information about Ivanti Neurons for Healthcare, and how it can be part of a unified security approach with AT&T Cybersecurity visit us. There's also a nice e-book available to learn more.