Healthcare pays the highest price of any sector for cyberattacks — that's why cyber resilience is key
No industry needs cyber resilience more than healthcare — the lives of individuals and fates of entire organizations hinge on it.
- The healthcare industry has become a prime target for cybercriminals due to the vast amount of sensitive patient data it holds and the criticality of its operations.
- In 2023, the healthcare industry reported data breaches costing an average of $10.93 million per breach — almost double that of the financial industry, which came in second with an average cost of $5.9 million.
- Cyberattacks on healthcare organizations can put patients’ lives and entire organizations at risk.
The healthcare industry has become the prime target for cybercriminals due to the vast amount of sensitive patient data it holds and the criticality of its operations.
The sector has been rapidly adopting digital technologies such as electronic health records (EHRs), telemedicine and Internet of Things (IoT) devices. While these technologies bring numerous benefits, they also expand the attack surface, providing more entry points for cybercriminals.
In 2023, for the 13th year in a row, the healthcare industry reported the most expensive data breaches, at an average cost of $10.93 million, almost double that of the financial industry, which came second with an average cost of $5.9 million. Protecting these digital assets is essential to maintaining the confidentiality, integrity and availability of patient information.
Modern healthcare systems and cyber resilience
Modern healthcare relies on interconnected systems and networks for efficient delivery of services. The interconnected nature of these systems means that a security breach in one part of the network can potentially compromise the entire healthcare infrastructure. Ensuring cyber resilience is essential for maintaining the continuity of operations and preventing cascading failures. Cyberattacks on healthcare systems can have direct implications for patient safety.
Disruption of critical healthcare services, manipulation of medical records or unauthorized access to medical devices can put patient lives at risk. Cyber resilience measures are essential to safeguard patient safety and prevent harm.
But cyberattacks are also an existential risk to healthcare organizations. This was demonstrated in June 2023, when St. Margaret's Hospital in the US became the first healthcare institution to permanently cease operations due in part to the fallout of a ransomware attack. In the same month, HCA Healthcare — which operates 180 hospitals and 2,300 ambulatory sites — was breached, affecting as many as 11 million patients.
Between January 2020 and February 2021, of the 293 breaches known to have exposed health records, 57.34% of the affected organizations publicly disclosed how many records were exposed. The number of records exposed in this period totalled nearly 106 million. So, barring duplicates, the equivalent of 1 in 3 Americans may have had their health records breached in the 14 months that were analysed.
In 2015, Anthem Inc. disclosed that hackers had stolen 79 million records containing patient and employee data. Compromised data included names, addresses, Social Security Numbers, birth dates, medical IDs, insurance membership numbers, income data and employment information. Anthem faced several civil class-action lawsuits, which were settled in 2017 at a cost of $115 million.
Healthcare providers hold a position of trust in society. The extraordinary sensitivity of the data, and the high public expectations of the sector, mean that any compromise of patient data or disruption in services erodes this trust and can damage the reputation of healthcare organizations. Cyber resilience is essential for maintaining the confidence of patients, partners and the public.
The convergence of increased cyber threats, the digitization of healthcare, interconnected systems, patient safety concerns, regulatory requirements, financial implications and the importance of maintaining public trust collectively underscore the critical need for cyber resilience in the healthcare sector.
Why sector-wide cyber resilience is key
Given the criticality, scale and interconnectedness of the healthcare industry, it is clear that no single organization or government entity can tackle the issue of cybersecurity alone. A collaborative and systemic approach within the ecosystem is key — cyber resilience must be viewed beyond just the confines of any one organization.
Public and private sector collaboration is crucial for building cyber resilience in the healthcare industry. Taking a systemic approach to cybersecurity involves recognizing that the healthcare ecosystem is an interconnected network of organizations, technologies and individuals. Building cyber resilience requires not only protecting individual entities but also ensuring the robustness of the entire ecosystem to withstand and recover from cyber incidents.
During the Cyber Insecurity, Analysed workshop at this year's Annual Meeting in Davos, leaders focused on three key priorities: educating boards and engaging leadership on the importance of cyber resilience; building relationships and communities between organizations to secure the ecosystem; and developing an industry playbook that includes shared practices amongst the different stakeholders.
These findings are relevant to the healthcare industry and will directly contribute to making it more cyber resilient.
But across other industries, too, there are resources available to bolster cybersecurity. The World Economic Forum’s Cyber Resilience Initiative across industries enhances resilience by:
- Building awareness among leaders: Educating and creating awareness among decision-makers to reinforce the vital importance of cybersecurity as a strategic priority.
- Mobilizing action to secure the digital transformation: Fostering discussions to mobilize action and commitment to enable a safe and resilient digital transformation of industries.
- Developing thought leadership, tools and capabilities: Generating insights, capabilities and tools to embed cybersecurity aligned with strategic trends and best practices.
At a glance: the Cyber Resilience Initiative
Upcoming Initiatives:
Cyber Resilience in Cities
Cyber Resilience in Transportation
Engaging with the Cyber Resilience Initiative
The World Economic Forum Centre for Cybersecurity’s objective is to support every individual and organization to securely benefit from ongoing digital and technological progress.
The Centre for Cybersecurity provides an independent and impartial platform to reinforce the importance of cybersecurity as a strategic priority and drive global public-private action to address systemic cybersecurity challenges. The Centre welcomes organizations from the private sector, public sector, civil society, academia and international organizations who can share expertise and thought leadership to build a more resilient future.
License and Republishing
World Economic Forum articles may be republished in accordance with the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License, and in accordance with our Terms of Use.
The views expressed in this article are those of the author alone and not the World Economic Forum.