Healthcare delivery organizations' (HDOs) cybersecurity was analyzed in a recent report by Asimily. The full report highlights the unique cybersecurity challenges that HDOs face and the true costs of their IoT and IoMT security risks. HDOs have a low tolerance for service interruptions to network-connected devices and equipment because of their crucial role in patient outcomes and quality of care.

Resource-constrained HDO security and IT teams continue to face operational difficulties in sufficiently securing critical systems from increasingly-sophisticated attacks, as their vast and heterogeneous IoMT device fleets complicate management and, left unchecked, offer a broad attack surface.

The report reveals the top cyberattack strategies impacting HDO medical devices right now: ransomware attacks that spread to devices and disrupt services, third-party-introduced malware that impacts device performance and devices communicating with unknown IP addresses to enable remote breaches. Cyberattacks on healthcare providers have become remarkably common: the average HDO experienced 43 attacks in the last 12 months. Unfortunately, many of those attacks are successful, with 44% of HDOs suffering a data breach caused by a third party within the last year alone.

Cyberattacks cost HDOs an average of $10,100,000 per incident. Cyber incidents are directly responsible for a 20% increase in patient mortality. Sixty-four percent of HDOs also reported suffering from operational delays, and 59% had longer patient stays due to cybersecurity incidents.

HDO security and IT teams face a high-risk environment where the average medical device has 6.2 vulnerabilities. Adding to this challenge, more than 40% of medical devices are near end-of-life and poorly supported (or unsupported) by manufacturers. HDO security teams are able to fix between five and 20% of known vulnerabilities each month.

Read the full report here.