As our society has become increasingly reliant on IT services, our ability to protect our personal, financial and healthcare data has become equally important. According to the Institute for Critical Infrastructure Technology, the healthcare sector fell prey to more cyber incidents through data breaches than any other critical infrastructure area in 2015. The healthcare industry is rife with vulnerabilities for exploitation given the complexity and diversity of the healthcare ecosystem, which includes public and private players large and small as well as connected medical devices and software systems.
In May, the UK’s National Health Service (NHS) made headlines when their networks succumbed to the global WannaCry ransomware attack, which infected more than 400,000 computers worldwide and demanded payments of $300 to $600 to restore access to data on each scrambled system. While IT and executives deliberated on what to do, doctors and health practitioners were forced to revert to pen and paper after the attack impaired key systems. The New York Times reported that some affected hospitals turned away patients, delayed lab results and even cancelled surgeries, revealing just how acutely cybersecurity issues in the healthcare industry become patient safety issues.