Healthcare Cybersecurity: Why PAM Should Be a Priority

Recent attacks on healthcare organizations such as UnitedHealth in the U.S., the National Health Service (NHS) in the UK, and the Hôpitaux de Paris in France have highlighted the need for healthcare institutions to navigate a landscape of constant change. Beyond adapting to shifts in public health, these organizations must also be prepared for evolving cybersecurity threats, often exacerbated by stolen identities or compromised privileged access. 

Whether facilitated through insider threat, external hacking, or employee negligence, all of the below pose serious risks to health organizations:

  • Malware and ransomware
  • DDoS attacks
  • Personal data breaches
  • Phishing

The healthcare industry is not unique in having to protect sensitive data from these threats. However, the nature of the industry makes it a high-profile target with a lot to potentially lose from breaches. This blog will explore the reasons why – and also explain why Privileged Access Management (PAM) is the best form of defense.

Why do hackers target healthcare organizations?

Like all sectors, healthcare has had to adapt to the digital and mobile era. There has been an increase in the use of electronic personal health data (ePHI) as well as rapid advances in technology. Mobile endpoints and self-service web portals have brought convenience to patients. And when you factor inpatient data moving to cloud-based storage and the increase in IoT-enabled devices – you begin to paint the picture of a complex and connected network.

These advances in technology all have the power to transform healthcare for the better. They have also led to a much-expanded attack surface and target-rich environment for hackers. Unfortunately, hospitals often have outdated and unsupported software, as well as a cybersecurity skills shortage. This increases their appeal as targets for hackers.

The stakes are high when it comes to data breaches within the healthcare industry. Patient confidentiality has long been a central pillar of medicine, making this data particularly sensitive. And healthcare organizations deal with this sensitive data on a huge scale. Patient records have a lot of value on the dark web and black markets: a health record can fetch a similar fee to stolen credit card details.

The cost of breaches for healthcare organizations

Investing in strong cybersecurity measures can yield significant savings for healthcare organizations. According to the 2023 Ponemon Institute report, the average cost of a healthcare data breach is now $10.93 million, significantly higher than the average across other industries. This underscores the heightened risks and costs specific to the healthcare sector. Moreover, the cost per record in a healthcare data breach has reached $408, compared to the global average of $165 across industries​ (Sources HIPAA Journal & Healthcare IT News). 

In healthcare, loss of data can lead to a literal life or death situation. The loss of medical notes or access to a vital piece of equipment could have serious implications for a patient. Research from the University of Central Florida showed that data breaches increased a hospital’s 30-day mortality rate. The need to retrain staff, upgrade software, and make other operational changes can divert resources away from patient care.

In addition, healthcare organizations can face severe penalties for failing to comply with security regulations such as HIPAA, HITECH, NIS 2 Directive and GDPR. Controlling privileged access is a key component of the expected security measures. Privileged Access Management (PAM) offers the most effective way to comply with regulations and protect healthcare organizations from mass data breaches.

How Privileged Access Management (PAM) can protect health organizations

Monitoring and auditing access to systems can be a challenge with employee churn and large amounts of systems and privileged data. The numbers and distributed nature of users within a healthcare organization make it difficult to effectively manage and monitor them. The larger and more complex a system becomes, the more privileged users are required. Privileged users can include:

  • Employees
  • External providers
  • Cloud providers
  • Automated machine users
  • Third-party contractors

A Privileged Access Management system such as the WALLIX PAM secures privileged accounts and allows healthcare organizations to proactively protect themselves. Controlling privileged access limits the moves a hacker can make after they’ve established a foothold in the network. This greatly diminishes their ability to move laterally within that network and access sensitive systems.

With the right privileged access security steps in place, a hacker’s capacity to escalate privileges and access confidential information such as patient records will be greatly mitigated.

Time to invest in PAM

Hospitals across the US, UK, and Europe have been subject to various file encryption and data breach extortion schemes. In 2024, a notable ransomware attack targeted Change Healthcare twice, severely disrupting their operations and highlighting vulnerabilities in the healthcare sector. The first attack by the ALPHV/BlackCat group caused significant delays in prescription services and a $22 million ransom payment. This attack blocked access to critical systems, including patient records and billing operations, leading to extensive operational disruptions. Shortly after, the RansomHub group claimed another 4TB of sensitive data, demanding further payment and impacting partners like Medicare and CVS-CareMark. The second attack further exacerbated the situation by halting insurance claims processing, causing delays in patient care and increasing the administrative burden on healthcare providers. Source ITPro & The Beacon.

In other cases, patient files were publicly leaked, presumed compromised, encrypted, and even deleted. These hacking incidents are varied in attack method, and there is no single solution to the problem. However, many attacks rely upon administrative access to execute – and these attacks are made much harder with a PAM system in place.

WALLIX PAM offers comprehensive monitoring, recording, and isolation of all privileged user sessions. This helps with regulatory compliance by giving healthcare organizations documented, auditable proof of their efforts to protect privileged access. When the behavior of privileged users is monitored and managed by a PAM system, health organizations’ data becomes more secure. That’s why PAM needs to become a priority.

Discover how WALLIX PAM can help secure privileged access to healthcare IT and medical device OT systems.