What Is Healthcare Cybersecurity?

Why Cybersecurity Matters in Healthcare

Healthcare delivery has changed since the turn of the decade. Telehealth services, mobile workforces, AI, cloud adoption, and medical IoT have made quality care more accessible.

Yet with these new modalities of care comes greater reliance on the internet and cloud-delivered services. As healthcare organizations look to layer this new technology over their legacy infrastructure—often decades old—traditional networks are struggling to keep up. Ultimately, all this translates to increased risk of a data breach.

Malicious actors are exploiting vulnerabilities in emerging services and abusing AI tools to launch more frequent and advanced cyberattacks. In the process, they’re threatening to erode patient trust, expose providers to sanctions, and disrupt the delivery of health services.

All that said, healthcare organizations’ priorities remain constant: provide excellent care, improve patient outcomes, and protect patient data. To these ends, cybersecurity has become a strategic imperative in healthcare.

The Future of Healthcare Data Security

A cornerstone of American healthcare security, the HIPAA Security Rule has seen relatively few changes since 2013. However, planned updates by the US Department of Health and Human Services are likely to lead to three key changes in 2024:

1. New security requirements for covered entities that participate in Medicare or Medicaid
2. New security standards in the HIPAA Security Rule to better support accountability
3. A greater capacity for the OCR to investigate and penalize HIPAA noncompliance

These updates are essential to protect patient data in the evolving digital and threat landscapes. Amid the growth of IoT, cloud adoption, advanced threats like double extortion ransomware, and the complexity of legacy networks, effective security is more important than ever.

Key Challenges in Healthcare Cybersecurity

Healthcare IT and security teams working to bridge security gaps often implement single-purpose solutions, creating a costly, cumbersome patchwork over time. Cohesive, effective security is often difficult to achieve in healthcare because of:

• Diverse IT ecosystems: Maintaining unified security is challenging in environments with an assortment of medical devices, healthcare systems, and IoT—the latter of which often lack robust security features.
• Legacy systems: High uptime requirements force much of the healthcare sector to rely on outdated systems and software without modern security features. Many have already reached end-of-support.

• Budgetary constraints: With tight operating margins, budgeting for modern security tools and staff often takes a back seat to ensuring continuity of care.
• Regulatory guidance: Frameworks like HIPAA may not always offer the most up-to-date or adaptable guidance. Cyberthreats evolve far too quickly, and regulations may prioritize specific controls or tools without accounting for modern threats.
• Prioritizing patient care: Delivering quality patient care is priority one, so when accessibility and efficiency have to compete with cybersecurity, security may get pushed down the list.

Top Types of Healthcare Cyberthreats

Because they handle so much private data, healthcare organizations and supply chain partners are prime targets for cyberattacks. By abusing stolen credentials and unpatched vulnerabilities, attackers access, steal, and profit from privileged information.

Most recently, the COVID-19 pandemic, generative AI, and VPN exploits have led to an explosion in healthcare attacks.

Phishing

Healthcare phishing swelled more than 250% in 2022 as patients resumed treatments they had deferred earlier in the pandemic. Meanwhile, generative AI has made it faster and easier to launch attacks.

Read more in our 2023 Phishing Report.

Ransomware

Across industries, ransomware attacks increased by more than 37% between April 2022 and April 2023. In healthcare specifically, ransomware attacks increased a massive 165.38%.

Read more in our 2023 Ransomware Report.

Encrypted Attacks

Healthcare was the fourth most popular target of encrypted attacks worldwide in 2023, with 29% more attacks compared to 2022.

Read more in our 2023 Encrypted Attacks Report.

Appliance Exploits

In 2024, 56% of organizations suffered at least one attack in the prior 12 months that exploited their VPNs. Externally facing, legacy appliances are among healthcare's top attack vectors, with many new vulnerabilities discovered every quarter.

Read more in our 2024 VPN Risk Report.

The Need for Comprehensive Cybersecurity in Healthcare

Amid growing threats, patients and providers need ways to securely access, manage, and monitor care from anywhere. To achieve that, most of the industry is migrating to the cloud. This highlights several key considerations for security and operations.

Cyber Risk Management

Telemedicine, the cloud, and IoT have paved new avenues for malicious access to healthcare data and systems, and attacks on healthcare are skyrocketing.

Organizations need to:

• Reduce the attack surface to restrict malicious access to healthcare systems. This starts with keeping users and devices off the network, granting only authorized users direct, least-privileged access to resources.
• Hide internet-exposed appliances and applications that can leave doors open for attackers.

Infrastructure and M&A Costs and Risk

The industry continues to consolidate through mergers and acquisitions, which tend to compound IT complexities and vulnerabilities. A 2023 University of Dallas study found data breach risk doubles for US hospitals in the year before and after a merger.

Organizations need to:

• Apply unified policy across all clouds and data centers.
• Securely connect users, devices, and apps during M&A integration.
• Avoid the complexity, compatibility, and cost issues typical of M&A.

Securing New Care Models and Medical IoT

As healthcare systems make care more accessible, they also need to make sensitive data securely accessible from virtually anywhere, on any device. Widely distributed data and thousands of potentially vulnerable internet of medical things (IoMT) endpoints can make this incredibly difficult.

Organizations need to:

• Secure and simplify IoMT connectivity so they can safely adopt new applications and devices.

Optimizing Work from Anywhere

The ripples of financial recession, labor shortages, and burnout continue to hinder the delivery of effective care. New delivery models and cloud solutions can improve staff satisfaction, productivity, and efficiency. However, they stretch the limits of the industry's aging infrastructure.

Organizations need to:

• Move beyond traditional firewalls, VPNs, and perimeter-based network infrastructures.
• Embrace a zero trust architecture built to deliver scalable, secure connectivity for clouds and hybrid workforces.

Healthcare Cybersecurity Best Practices

Robust security practices are essential to protect patient data, maintain the integrity of medical services, and uphold trust. Every organization should:

1. Encrypt sensitive data in transit and at rest to prevent unauthorized access.
2. Decrypt inbound and outbound traffic to block hidden threats and protect sensitive data.
3. Reduce your attack surface using a reverse proxy architecture to make devices and applications invisible to the public internet.
4. Conduct risk assessments of IT systems, networks, and IoMT to find and address issues before they lead to breaches.
5. Enforce least-privileged access and multifactor authentication (MFA) to ensure only authorized access to sensitive information.
6. Educate staff on security policies and ways to reduce risk, particularly around phishing, ransomware, and data handling.
7. Keep systems up to date with the latest security patches.
8. Implement robust monitoring and incident response procedures to rapidly address security incidents, reduce their impact, and speed up recovery.
9. Adopt a zero trust architecture to reduce the risks and challenges of perimeter-based networking, firewalls, and VPNs, and ensure identity-based access to data and applications.

How Zscaler Can Help

Our zero trust approach securely connects users and devices directly to your healthcare systems’ applications, not your network, helping your organization:

• Protect patients, employees, devices, and sensitive data from cyberattacks
• Preserve the confidentiality and integrity of patient data
• Stay compliant with industry regulations like HIPAA and HITECH
• Inspect 100% of TLS/SSL traffic to mitigate threats and data loss