The healthcare industry is increasingly dependent on digital technologies and interconnected medical devices, which has heightened the importance of cybersecurity. Given the growing dependence on technology in healthcare, there is a pressing need for increased spending on medical device security, a thorough understanding of the implications of expanding interconnectivity, and the need for robust cybersecurity measures, says GlobalData.
According to GlobalData’s latest report, “Cybersecurity in Healthcare – Thematic Intelligence”, the medical devices sector is experiencing a significant rise in cybersecurity spending, with growth projected at 12.9 per cent from $ 631.2 million to $ 1.2 billion between 2022 and 2027. This surge in investment is a response to the increasing number of cyber threats targeting devices in healthcare settings, which are often more vulnerable than IT infrastructure in other industries.
Ashley Clarke, Senior Medical Analyst at GlobalData, comments, “Healthcare is uniquely susceptible due to the value of personal data and the extensive network of connected devices. This network can include legacy systems with outdated security protocols and personal devices connected to health networks. In the event of a breach, there is an immediate need to restore compromised systems to ensure patient well-being. This makes medical devices an attractive target for cyberattacks. Investing in cybersecurity is critical to protect against these heightened risks.”
Data breaches in the healthcare sector are on the rise, with the US Department of Health and Human Services reporting a two-fold increase in affected individuals from 2022 to 2023, and a further 15 per cent increase in the first half of 2024 compared to the same period in 2023. This alarming trend underscores the urgency for healthcare providers to strengthen their cybersecurity protocols.
The healthcare industry’s shift towards interconnected systems and the Internet of Things (IoT) has also significantly heightened the need for advanced cybersecurity measures. GlobalData projects that 68 per cent of medical devices will be network-connected by 2025, expanding the risk landscape. This increased connectivity not only amplifies the number of potential entry points for cybercriminals but also raises the likelihood that a single vulnerability could lead to widespread disruptions.
Recently, a faulty software update from CrowdStrike resulted in IT crashes across healthcare devices worldwide, interrupting patient treatments, preventing access to patient electronic health records, halting data flow between diagnostic systems, and delaying emergency response teams.
Clarke concludes, “As healthcare systems become more advanced, the risk of a single point failure causing large-scale disruption of critical systems is growing. Implementing comprehensive security measures is essential to protect patient data, ensure uninterrupted care, and minimise the opportunities and impact of cyberattacks, especially given the industry’s reliance on monopolised, interconnected technologies.”