KeyBank logo

Why is healthcare a prime target?

Let’s consider the three overriding reasons that healthcare institutions make such attractive targets for cybercriminals. 

Reason 1

Information magnitude

Compared to most other industries, healthcare keeps an extraordinary volume of data online 24/7.5

Reason 2

System obsolescence

Large numbers of healthcare organizations use outdated operating systems and vulnerable applications.
As of March 2020, more than half of medical data breaches involved imaging devices, most of which ran outmoded software.6

Reason 3

Security negligence

Most importantly of all, many healthcare-related institutions have simply “failed to address easily exploitable holes in their security defenses.”

What's the delay?

These observations raise the question: Why have so many healthcare institutions not given cybersecurity the attention and budget it clearly deserves? 

Many industry analysts believe the incredibly rapid expansion of both healthcare data and Internet dependence simply overshadowed the imperative to adopt robust, scalable security.

Inadequate security

A substantial number of healthcare executives today admit they need to do more about cybersecurity. In a recent study, when asked to assign a letter grade to their organizations’ cybersecurity quality, most healthcare chief information security officers gave themselves a “C.”8

By the numbers

Does the above assessment appear exaggerated? Then consider these facts: 

53% of healthcare organizations have undergone a PHI breach within the past year.9

On average, such a breach exposes over 7,000 records and costs $1.8 million.9

Test your knowledge

Many healthcare organizations use outdated operating systems and vulnerable applications.

Next Chapter

System obsolescence makes healthcare organizations an easier target for cybercriminals.

Next Chapter