RSAC 2024: Join us at the Claroty Beats Hub.
Learn More
Claroty Toggle Search

Blog / 3 min read

Global Healthcare Cybersecurity Study Reveals Priorities and Challenges Amid Growing Connectivity

The Claroty Team
/ August 29th, 2023

As digital transformation has continued to drive growth across the healthcare sector via advancements in connected medical devices and clinical workflows, it has also been fueling cybersecurity risks that often outpace the benefits to patients and society as a whole. Healthcare organizations have dealt with unprecedented challenges in the face of these risks in recent years — and new data suggests that the trend has persisted into 2023. 

Specifically, to better understand how healthcare organizations are navigating the cybersecurity implications of digital transformation today, Claroty commissioned an independent global survey of 1,100 cybersecurity, engineering, IT, and networking professionals who work full-time in the healthcare sector. The results are now available in our new report, The Global Cybersecurity Study 2023: Priorities and challenges amid escalating cyber-physical connectivity. Highlights include: 

Cybersecurity incidents are plaguing healthcare, with alarming impact to cyber-physical systems (CPS), and ransom payments on the rise:

  • On a global basis, at least 78% of respondents experienced a minimum of one cybersecurity incident over the last year. 

  • 47% cited at least one incident that affected cyber-physical systems including medical devices and/or building management system devices

  • The financial ramifications were mainly between the $100,000 – $1,000,000 USD range with 26% reporting paying ransoms. 

Encouragingly, organizations have begun to expand their cybersecurity budgets to mitigate rising threats:

  • On a global basis, 51% of respondents reported an increase in their security budgets.

  • Of their priorities, patching vulnerabilities in medical devices tops the list of gaps to be filled, followed by asset inventory management, and segmentation of medical devices.

However, recruiting qualified cybersecurity personnel has proven difficult and cost savings are a must: 

  • More than 70% of organizations are looking to hire; however, 80% of those say finding qualified candidates is difficult.

  • Respondents point to optimizing device utilization as the biggest opportunity to trim costs.

Thankfully, organizations have also begun to focus on cybersecurity regulations and standards, which have fueled progress:

  • Regulatory developments, such as mandatory incident reporting, are cited as the most important external factor that influenced organizations’ overall cybersecurity strategy.

  • Globally, respondents found the NIST and HITRUST Cybersecurity Frameworks to be the most important to their organizations. 

Overall, the survey displayed that healthcare organizations are increasingly prioritizing cybersecurity and compliance. However, given the prevalence, variety, and impact of attacks, there are opportunities to strengthen their security programs further to ensure cyber and operational resilience. According to Yaniv Vardi, CEO of Claroty, “The healthcare industry has a lot working against it on the cybersecurity front—a rapidly expanding attack surface, outdated legacy technology, budget constraints and a global cyber talent shortage. Our research shows that healthcare delivery organizations need the full support of the cyber industry and regulatory bodies in order to defend medical devices from mounting threats and protect patient safety.”

Fortunately, as the study reveals, healthcare organizations are on the right track to ensuring cyber and operational resilience with strong security leadership in place, well-rounded security programs implemented, and the adherence to guidelines and frameworks from regulatory bodies. Recognizing there is more work to be done, they are also prioritizing investments in people, processes, and technologies to build resilience further and ensure compliance while delivering uninterrupted, quality care to their patients. Additionally, with the help of a CPS security provider, like Claroty, organizations can gain the tools they need to solve industry challenges and ensure their healthcare environment is protected from emerging cyber threats. 

To access the full set of findings and analysis, download the Global Healthcare Cybersecurity Study 2023 here.

Medical Devices Company News
Stay in the know

Get the Claroty Newsletter

Featured Articles

Interested in learning about Claroty's Cybersecurity Solutions?

LinkedIn Twitter YouTube Facebook