The healthcare industry needs to be prepared for an anticipated increase in cyberattacks in 2024, with smaller healthcare providers becoming particularly vulnerable. In 2023, the US Department of Health and Human Services (HHS) Office for Civil Rights received 541 notifications of data breaches affecting over 500 individuals. These incidents prompted some healthcare providers to suspend elective procedures and staff access to IT applications, leading to disruptions in patient care. The financial costs of healthcare cybersecurity breaches also rose significantly in 2022, with an average cost of $10.1m per incident. Attacks on third-party vendors and the broader supply chain also increased. Healthcare organizations need to improve their cybersecurity posture by implementing “multi-layered” security strategies, conducting regular audits and building a culture of continuous improvement. Experts recommended focusing on fundamental security hygiene, including patching vulnerabilities and closely monitoring connected devices. In addition, healthcare organizations should collaborate with vendors to establish robust cybersecurity protocols. The regulatory landscape is also changing, with states proposing tighter cybersecurity regulations and the US HHS introducing a combination of voluntary goals and cybersecurity requirements that could come with payment hits and financial penalties for non-compliance. Experts predict that future regulations will focus on resilience rather than preventive controls, and will emphasize governance and executive involvement. Despite these developments, experts believe that a lack of funding remains a significant challenge for healthcare providers trying to improve their cybersecurity posture.
2024 Outlook: Cybersecurity trends every health system leader should know.
Latest from Blog
TfL halts data feeds due to cyber-attack repercussions
TLDR: Transport for London is facing ongoing cyber-attack. They have cut live data feeds to travel apps and restricted access to online services. Transport for London (TfL) is currently dealing with the
Russian military hackers target US and global critical infrastructure
TLDR: Russian military hackers, specifically linked to GRU Unit 29155, are targeting critical infrastructure in the U.S. and globally through cyber attacks. The cyber actors aim to gather data for espionage, damage
Seattle’s south school district cancels Monday classes over cyberattack
TLDR: Highline Public Schools, a district south of Seattle, canceled classes on Monday due to a cyberattack. The district detected unauthorized activity on its technology systems and is working to restore and
Beware Iran cyber threat to US healthcare entities, federal agencies warn
TLDR: Federal agencies issue warning about Iran-based cyber threats targeting U.S. healthcare entities Main actors identified as “Pioneer Kitten” connected to the Government of Iran In a recent advisory issued by the
Code Blue Computing’s cybersecurity contest for nonprofits is now open
TLDR: Code Blue Computing has launched a cybersecurity contest for nonprofits called “Labor of Love” to provide a full cybersecurity makeover for one deserving nonprofit organization. The contest includes a comprehensive Cyber
2024’s Operation: US Army Special Forces Hackers on the Attack
TLDR: U.S. Army Special Forces hackers used disruptive cyber-tactics in Exercise Swift Response 2024 in Sweden. They hacked into Wi-Fi networks to gain access to target locations and control security systems. Article
Social Security hit hard: 272 million affected, you may be impacted
TLDR: A recent data leak exposed sensitive information of 272 million individuals, including Social Security Numbers. Hackers are selling the stolen data on black markets, posing risks of identity theft and fraud.
Catchy: Wicus Ross from Orange Cyberdefense Revealing Cyber Extortion Insights
TLDR: Orange Cyberdefense’s Wicus Ross discusses the cyber extortion trend, highlighting key insights from their report: Small businesses are four times more likely to be targeted by cyber attackers 75% of countries
FBI busts Russian and Kazakh nationals running dark web marketplace
FBI Cracks Down on Dark Web Marketplace Managed by Russian and Kazakh Nationals TLDR: Key Points: FBI indict two individuals for managing dark web marketplace WWH Club Platform specialized in selling sensitive
Biden admin hypes AI promise for cyber defense strategies
TLDR: Key Points: White House considering a cybersecurity executive order focusing on AI Federal cybersecurity leaders see AI as a significant opportunity but also a major risk The Biden administration is looking