This is the second installment in a three-part series exploring cybersecurity predictions for 2023. In the first piece, Michael Welch explored his predictions for GRC.
In this piece, Ferdinand Hamada, Managing Director, Healthcare, Pharmaceutical and Life Sciences Practice, MorganFranklin Consulting discusses 2023 cybersecurity predictions for healthcare. These include a focus on resiliency and protecting healthcare data and systems against advanced threats.
1. Cyber and Operational Resilience Become a Focus
Increasingly, cybercriminals are moving towards attack vectors that threaten an organization’s ability to sustain operations. Ransomware and similar attacks are predicated on the assumption that organizations will pay to bring a business-disrupting event to an end.
As these disruptive attacks become more frequent, organizations will focus on developing cyber and operational resilience strategies that allow them to securely maintain and restore operations in the face of a cyberattack or other incidents. Rigorous asset inventories, proven incident response strategies, and effective data vaulting will play a critical role in 2023 cyber strategies.
2. Healthcare Attacks Will Continue to Grow
Healthcare organizations are already one of the main targets of cyberattacks. In general, the healthcare sector has access to highly valuable information, and their IT networks commonly contain antiquated systems and Internet of Things (IoT) devices that are vulnerable to attack.
The healthcare and proprietary data held by healthcare, pharma, and life sciences companies will continue to be valuable to cybercriminals in 2023. As a result, the healthcare sector in general will continue to experience above normal threat and attack densities, a trend that will continue beyond 2023.
3. Supply Chain Attacks Are a Major Threat
Healthcare organizations often have complex supply chains. They are reliant on a variety of third-party applications and systems to collect, process, and store sensitive healthcare data. Additionally, joint ventures and alliances mean that smaller, less secure organizations may have access to the sensitive datasets of larger companies.
Cybercriminals commonly take advantage of these trusted relationships to simplify and scale their attacks. Like the SolarWinds attack, which exploited a trusted vendor to gain access to other organizations’ networks, cybercriminals will search for and exploit low-hanging fruit in their attacks. Healthcare organizations would do well to take inventory of their 3rd party dependencies, mapping critical relationships to risk.
How MorganFranklin Can Help
Healthcare cybersecurity and cyber resilience begin with a clear understanding of the risks that an organization faces. MorganFranklin experts can help healthcare organizations to identify their data security and supply chain risks and explore options for enhancing their cybersecurity and resilience.
This is the second piece in a three-part series describing 2023 cybersecurity predictions by MorganFranklin experts. Check out the first installment by Michael Welch and keep an eye out for an upcoming piece exploring cybersecurity for the finance sector by Perry Menezes.