Healthcare Sector Sees Growing Cybersecurity Needs

Posted May 11, 2023 by Sayers 

As cyber threats increase in frequency and sophistication, the healthcare sector has the unwanted distinction of being the industry most targeted by ransomware attacks.

According to the FBI Internet Crime Report 2022, healthcare and public health reported the most ransomware attacks to the FBI Internet Crime Complaint Center compared to any other critical infrastructure sector. The healthcare and public health category accounted for nearly 25% of the year’s 870 ransomware complaints. 

Those threats combined with the high-stakes responsibilities of healthcare organizations make healthcare cybersecurity even more vital. Healthcare organizations must protect patient safety and privacy, ensure medical systems and services stay available, and remain compliant to a heavy load of regulations.

A wide range of healthcare organizations are looking to strengthen their cybersecurity posture, including hospitals, university health systems, private healthcare systems, healthcare certification groups, health insurance organizations, and medical manufacturing companies.

The Unique Cybersecurity Needs of Healthcare Organizations

Regardless of industry, organizations turn to cybersecurity technologies and services to protect mission-critical systems, business applications, and sensitive data from malicious digital attacks. The healthcare sector must be especially vigilant due to several factors inherent in the industry, including:

Patient Trust. Compared to a more traditional IT environment, technologies used in healthcare require a higher level of standards and rigor because they support patient care. Gerry Wollam, Sayers Senior Cybersecurity Solutions Architect, says:

“Healthcare clients are in the most vulnerable state of their lives, so there’s an intrinsic trust between the healthcare organization and their customers. They have a patient-first mentality, and having a world-class infrastructure is an important part of maintaining that trust.”

Regulatory Requirements. Given the importance of patient care and patient privacy, the healthcare industry is heavily regulated and continually monitored to stay in compliance or face large monetary penalties.

A Conservative Approach to Technology. The life-and-death aspect of healthcare means organizations demand technology proven to be reliable. Some healthcare organizations have fallen behind the curve on adopting public cloud because of concerns they had before public cloud security tools matured.

Internet of Medical Things (IoMT). IoMT includes pumps, monitors, and scanners running in closed, proprietary operating systems. In this environment it’s more challenging to install and run a new cybersecurity application that might block something it thinks is a risk but actually is needed as part of patient care.

Unique Hardware Requirements. Healthcare environments require some hardware to go beyond consumer or business-grade standards, such as having the ability to be sterilized, or  be without magnetic parts due to proximity to an MRI machine.

A Security Topology That Balances Multiple Needs. The arrangement of devices in healthcare organizations has to prevent someone from maliciously or accidentally acting on those devices. At the same time, staff want to be able to quickly move devices where they need to go without having to involve IT. 

“I’ve encountered flat networks where the control systems are on the same network as some healthcare systems. That’s because the healthcare organization doesn’t want to move a device providing necessary care to a patient and then realize there’s a firewall getting between this device and the command module located in another area.”

Joe Schnell, Sayers Senior Cybersecurity Architect

Top Cybersecurity Priorities In Healthcare 

Healthcare organizations continue to face advanced cyber threats, requiring them to mature their security practices to protect their patients, systems, and data.

At Sayers we’ve seen similar cybersecurity priorities among our healthcare clients, covering areas including:

  • Attack surface visibility and management. IoMT includes a wide variety of devices with various levels of manageability. In some healthcare organizations, doctors are contractors rather than employees and tend to bring their own devices to connect to the network, further growing the attack surface. Wollam says:

“Having so many IoMT, IoT, and OT devices connected to their network creates a huge attack surface. Many of these medical devices are connected to their network and also to a service provider that manages them.”

Technologies such as Axonius and other attack surface tools that give visibility to better inventory and audit those devices have become a priority in healthcare environments.

  • Protection from ransomware attacks. Healthcare is not only one of the most heavily attacked industries by ransomware, but also has seen incidences continue to increase.  A Sophos report found 34% of healthcare organizations globally were hit by ransomware in 2020. A year later, ransomware attacks almost doubled to 66% of healthcare organizations being attacked. The average cost of a data breach in healthcare recently topped $10 million, more than any other industry. 
  • Business continuity. “Healthcare organizations contact us to talk about business continuity plans, because they’re realizing they might not be prepared to provide the level of patient care needed if they were hit by a calamity such as ransomware,” says Kevin Finch, Sayers Senior Business Continuity Architect. 
  • Integrations due to industry consolidation. A number of acquisitions and mergers in the healthcare industry, especially among hospitals, has made integrations between multiple facilities a priority.

Healthcare Organizations Initiate A Range Of Cybersecurity Projects 

In addition to infrastructure and cloud projects, healthcare organizations over the past year have turned to Sayers for cybersecurity projects including:

  • Risk audits 
  • Attack surface security 
  • Secure access service edge (SASE)
  • Threat and vulnerability management solutions 
  • Firewall services and lifecycle management 
  • Privileged access management solutions and services
  • Endpoint security solutions and services
  • Network access control
  • Web application firewall
  • Distributed denial of service (DDoS)
  • IoT/ IoMT
  • Managed detection and response (MDR) / managed security service provider (MSSP)
  • Application security
  • Data protection
  • Cloud security
  • Encryption

Questions? Contact us at Sayers today to learn more about how we partner with our healthcare clients to protect their organizations with solutions and services for cybersecurity, infrastructure, and cloud.


  • Atlanta
    120 W Trinity Pl
    Decatur, GA 30030
  • Bethesda
    10319 Westlake Dr., Suite 248 Bethesda, MD 20817
  • Bloomington
    1701 E Empire St Ste 360-280 Bloomington, IL 61704
  • Boston
    25 Walpole Park South, Suite 12, Walpole, MA 02081
  • Chicago
    233 S Wacker Dr. Suite 9550 Chicago, IL 60606
  • Philadelphia
    104 S. 20th Street, #V36 Philadelphia, PA 19103

Have a Question?

Contact us