Rajesh Muru, Principal Analyst at GlobalData, commented:
“The COVID-19 pandemic has created further challenges in the healthcare sector as IT business units prioritize IT budgets and focus on business continuity in running IT under the new norm. From an enterprise architecture perspective, having tighter integration across the IT environment is positive in terms of creating agility and having tighter data integration. However, it makes the network vulnerable to cyberattacks such as email phishing, ransomware, denial-of-service (DDoS) attacks and network data breaches.”
The healthcare sector’s reliance on the internet as its IT backbone is a key reason it is the subject of cyberattacks. This covers Hospital Information Systems (HIS) entailing laboratory information systems (LIS), policy and procedure management systems (PPM), personal health records (PHR), radiology information systems (RIS), and more importantly, email servers. This also covers a number of endpoint devices entailing various patient-monitoring equipment that either connects to the internet or via legacy dispersed networks that are often unpatched.
Despite the challenges faced by enterprise IT and security heads in the healthcare sector, in the last two years leaders have demonstrated a desire to take positive steps to increase security measures across enterprise IT and networks. GlobalData is also seeing a greater proportion (5-10%) of the IT budget spent on cybersecurity. However, a number of barriers still exist in providing greater levels of security.
“Organizations in the healthcare sector should not be complacent and must consider options to address the security gaps that currently exist in their IT healthcare ecosystem and look for early wins.”