The global health care industry has seen a dramatic increase in ransomware attacks in recent years. A key driver of this increase is the economy of cybercrime. It is a lucrative business, generating more than $1.5 trillion in revenue each year. This leads to an incredible profit considering the approximate average cost of access to a potential target is only somewhere between $400 and $0.0004. Nearly half of ransomware attacks also result in a data breach, making the following two incentives cybercriminals’ top choices: personal data sales, which net approximately $160 billion per year, and ransoms from ransomware, which bring in about $1 billion annually.
Most organizations recognize that cyber adversaries are not individual hackers anymore but highly organized cyber gangs, state-sponsored actors, and sophisticated crime rings. Although their attacks can take various forms and come from various places, their primary goal is typically the same: to cause as much damage to the target as possible so that the compromised organizations will pay their ransom.
Health care organizations should aim to enhance their cyber defense to make it more painful and costly for threat actors to attack. Ideally, this will involve focusing on five key areas: deterring perimeter breaches.
While a strong defense strategy is a key element of cybersecurity, your organization’s ability to respond to a breach is equally important. Short reaction times and the ability to start immediately responding to a ransomware attack significantly improve the organizational resilience, reduce the risk of being blackmailed, and might, in extreme cases, even save lives.
As the cyber threat landscape continues to evolve, health care organizations must adapt in stride. This means moving beyond detecting cyberattacks and protecting critical assets to honing the resilience to recover in the event of a breach.
By identifying your mission-critical services, understanding the interplay between your various systems, engaging in ongoing training, and continually refining your recovery maturity, you can go a long way towards thwarting attacks increasingly aimed your way.
To learn more about how Deloitte can help you, contact us.