Search
00
GBAF Logo
trophy
Top StoriesInterviewsBusinessFinanceBankingTechnologyInvestingTradingVideosAwardsMagazinesHeadlinesTrends

Subscribe to our newsletter

Get the latest news and updates from our team.

Global Banking & Finance Review®

Global Banking & Finance Review® - Subscribe to our newsletter

Company

    GBAF Logo
    • About Us
    • Advertising and Sponsorship
    • Profile & Readership
    • Contact Us
    • Latest News
    • Privacy & Cookies Policies
    • Terms of Use
    • Advertising Terms
    • Issue 81
    • Issue 80
    • Issue 79
    • Issue 78
    • Issue 77
    • Issue 76
    • Issue 75
    • Issue 74
    • Issue 73
    • Issue 72
    • Issue 71
    • Issue 70
    • View All
    • About the Awards
    • Awards Timetable
    • Awards Winners
    • Submit Nominations
    • Testimonials
    • Media Room
    • FAQ
    • Asset Management Awards
    • Brand of the Year Awards
    • Business Awards
    • Cash Management Banking Awards
    • Banking Technology Awards
    • CEO Awards
    • Customer Service Awards
    • CSR Awards
    • Deal of the Year Awards
    • Corporate Governance Awards
    • Corporate Banking Awards
    • Digital Transformation Awards
    • Fintech Awards
    • Education & Training Awards
    • ESG & Sustainability Awards
    • ESG Awards
    • Forex Banking Awards
    • Innovation Awards
    • Insurance & Takaful Awards
    • Investment Banking Awards
    • Investor Relations Awards
    • Leadership Awards
    • Islamic Banking Awards
    • Real Estate Awards
    • Project Finance Awards
    • Process & Product Awards
    • Telecommunication Awards
    • HR & Recruitment Awards
    • Trade Finance Awards
    • The Next 100 Global Awards
    • Wealth Management Awards
    • Travel Awards
    • Years of Excellence Awards
    • Publishing Principles
    • Ownership & Funding
    • Corrections Policy
    • Editorial Code of Ethics
    • Diversity & Inclusion Policy
    • Fact Checking Policy
    Original content: Global Banking and Finance Review - https://www.globalbankingandfinance.com

    A global financial intelligence and recognition platform delivering authoritative insights, data-driven analysis, and institutional benchmarking across Banking, Capital Markets, Investment, Technology, and Financial Infrastructure.

    Copyright © 2010-2026 - All Rights Reserved. | Sitemap | Tags

    Editorial & Advertiser disclosure

    Global Banking & Finance Review® is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

    1. Home
    2. >Technology
    3. >A matter of life or death: security challenges for the healthcare industry
    Technology

    A Matter of Life or Death: Security Challenges for the Healthcare Industry

    Published by Jessica Weisman-Pitts

    Posted on October 20, 2021

    5 min read

    Last updated: January 29, 2026

    Add as preferred source on Google
    An image depicting business professionals discussing embedded finance strategies. This reflects the article’s focus on how companies innovate payment solutions and enhance customer relationships.
    Business professionals analyzing embedded finance solutions for enhanced customer engagement - Global Banking & Finance Review
    Why waste money on news and opinion when you can access them for free?

    Take advantage of our newsletter subscription and stay informed on the go!

    Subscribe

    Quick Summary

    Healthcare cybersecurity is critical, with rising ransomware attacks and nation-state threats. Protecting patient data is paramount.

    Healthcare Security Challenges: A Matter of Life or Death

    By Robert Golladay, EMEA and APAC director at Illusive

    According to the 2020 IBM Cost of a Data Breach Report, the monetary cost of recovering from a cyberattack is significantly higher for healthcare organisations than for companies operating in any other sector. The price tag increased by 10% between 2019 and 2020 and currently sits at around $7.13 million.

    But more concerning than monetary losses is the human cost that a successful cyberattack targeting healthcare providers can have. In the November of 2020, German officials attempted to prove that the death of a patient was the direct result of a ransomware attack that shut down a hospital’s infrastructure and forced medics to turn the ambulance away, thus delaying life-saving treatment.

    Since the Wannacry ransomware attack against the UK’s National Health Service in 2018, the specter of cyberattacks has loomed large on healthcare institutions. Whether it’s a data breach that exposes patients’ information or a more dangerous ransomware attack that encrypts data and renders systems unusable, healthcare providers have no margin of error when it comes to defending against cyber threats.

    But as breaches continue to occur, we are forced to look at the inherent flaws of most healthcare institutions’ approaches to threat defence. In this article, we will explore the most common threats facing hospitals and healthcare providers, as well as the paradigm shift that is necessary to equip these organisations against cybercriminals.

    Looking for a quick buck: ransomware

    Ransomware attacks are rampant across all sectors, but a recent report by Checkpoint Security revealed that this type of attack is of particular concern for healthcare institutions. In January 2021, ransomware attacks against healthcare orgs had jumped about 45% since early November the previous year. The spike followed an alarming 71% increase in the October of 2020. According to the same report, at the beginning of this year healthcare providers were facing an average of 90 attempted attacks every single day.

    The reason behind cybercriminal’s determination to breach the security of hospitals and healthcare providers is simple: leverage. There is nothing that will motivate a victim to pay up more than endangering the health and safety of individuals. Furthermore, the value of medical information is even higher than other types of personal identifiable information. Double-extortion ransomware, whereby threat actors steal data before encrypting their target’s systems, has become the norm among cybercriminal gangs. This allows them to monetise on their efforts twice, first by asking for a payment to decrypt the data and then by threatening to publicly release the stolen information.

    Nation-state sponsored espionage and disruption

    The Covid-19 pandemic launched nations into something like a new “space race”, with foreign powers competing to triumph over therapy, prevention, and vaccine development. Already valuable clinical trial and research data became even more appealing to state-sponsored threat groups, so much so that in early October 2020, Philadelphia-based medical software company eResearch Technology was hit with a ransomware attack believed to have been orchestrated by a nation-state actor. In that instance, attackers were able to shut down a number of clinical trials eResearch Technology provided tools to.

    IoT and operating systems

    Medical devices, just like operational technology, run an operating system. When these machines are connected to the network, they can be targeted by an attacker motivated to disrupt normal functionality.

    Thankfully, an attack on an MRI machine or an insulin pump hasn’t been recorded yet, but proof of concept demonstrations have been conducted by well known hackers, who have proven that this eventuality is not as far-fetched as it seems.

    The matter is made worse by the fact that the OS running on these machines is often locked in, meaning that it can’t be patched, and agents-based endpoint security solutions, such as EDR, can’t be deployed on them.

    How deception helps

    Attackers might dispose of sophisticated tools and tactics, but the secret to beat threat actors is to think like them. Rather than repeating the somewhat depressing mantra about organisations having to be right all the time while bad actors only need to be right once, we need to shift security postures to make sure we make it too time-consuming and expensive for a hacker to launch an attack.

    Improving detection capabilities is a key component of shifting this paradigm, and deception can be an invaluable tool to achieve it. Rather than limiting detection capabilities at the endpoint level, and rather than relying solely on signatures, deception allows organisations to stop lateral movement, even when other layers of defence have failed. By distributing deceptions that mimic genuine IT assets throughout the network, attackers are essentially trapped in a net of fake connections that will trigger an alert if an exploit is attempted. Instead of relying on traditional signatures, deception technology alerts are generated by real attacker movements within a network.

    Alerts are generated in real time, meaning that the IT team will know about an attack as it starts unfolding and will be able to mitigate the incident before any critical system can be accessed.

    As threats continue to mount for organisations in the healthcare sector, understanding the mindset of an attacker and implementing a strategy that can flag suspicious behaviour in real time, whether around or within the perimeter, is literally a matter of life or death.

    Key Takeaways

    • •Healthcare faces higher cyberattack costs than other sectors.
    • •Ransomware attacks on healthcare have surged by 45%.
    • •Nation-state actors target valuable clinical trial data.
    • •IoT devices in healthcare are vulnerable to attacks.
    • •Double-extortion ransomware is a growing threat.

    Frequently Asked Questions about A matter of life or death: security challenges for the healthcare industry

    1What is the main topic?

    The article discusses cybersecurity challenges in the healthcare industry, focusing on ransomware and data breaches.

    2Why are healthcare organizations targeted?

    Healthcare organizations are targeted due to the high value of medical data and the critical nature of their services.

    3What are double-extortion ransomware attacks?

    Double-extortion ransomware involves stealing data before encrypting systems, demanding payment for decryption and to prevent data release.

    More from Technology

    Explore more articles in the Technology category

    Image for Nominations Open: Best New Digital Wallet 2026
    Nominations Open: Best New Digital Wallet 2026
    Image for Best Digital Wallet 2026: Nominations Now Open
    Best Digital Wallet 2026: Nominations Now Open
    Image for Bessemer Venture Partners Poured Millions Into Litify; Here's Why One of the World's Top VCs Thinks This Platform Will Dominate Legal Tech
    Bessemer Venture Partners Poured Millions Into Litify; Here's Why One of the World's Top VCs Thinks This Platform Will Dominate Legal Tech
    Image for HID Announces Converged Credentials Solution Bridging Physical and Logical Identity Across the Enterprise
    Hid Announces Converged Credentials Solution Bridging Physical and Logical Identity Across the Enterprise
    Image for How Can AI-Powered Customer Support Improve Fintech Operations?
    How Can AI-Powered Customer Support Improve FinTech Operations?
    Image for Infosecurity Europe announces former Ukrainian Minister of Foreign Affairs, Dr. Dmytro Kuleba as headline keynote as 59% of cybersecurity leaders say geopolitics Is hindering European collaboration
    Infosecurity Europe Announces Former Ukrainian Minister of Foreign Affairs, Dr. Dmytro Kuleba as Headline Keynote as 59% of Cybersecurity Leaders Say Geopolitics Is Hindering European Collaboration
    Image for Showcasing Digital Leadership – Best Bank for Social Media 2026
    Showcasing Digital Leadership – Best Bank for Social Media 2026
    Image for Innovation Through Partnership: The Role of External Tech Teams
    Innovation Through Partnership: The Role of External Tech Teams
    Image for Nominations Open for Technology Awards 2026
    Nominations Open for Technology Awards 2026
    Image for Nominations Open for Innovation Awards 2026
    Nominations Open for Innovation Awards 2026
    Image for Archie earns industry recognition across G2, Capterra, and SoftwareReviews
    Archie Earns Industry Recognition Across G2, Capterra, and SoftwareReviews
    Image for The Bankaool Transformation: How a Regional Mexican Bank Became a Fintech Disruptor
    The Bankaool Transformation: How a Regional Mexican Bank Became a FinTech Disruptor
    View All Technology Posts
    Previous Technology PostThe Three Technologies Driving the Future of Accounting
    Next Technology PostDhl to Operate Honor’s Smart Devices Distribution Hub for Middle East and Africa