Updated on 22 January 2016
Mr Bill Taylor-Mountford Vice President, Asia Pacific and Japan,
Singapore: As technology drives a revolutionary transformation in the healthcare industry buoyed by the latest innovations in cloud computing, analytics, Internet of Things and other disruptive tech trends, healthcare service providers, including insurers, are rapidly becoming targets of cybercriminals. In fact, the cost of healthcare data breaches could reach $5.6 billion in 2015 according to Experian's forecast. Earlier in the year, two major healthcare companies Anthem and Premera Blue Cross reported incidents of data breaches, raising the alarm on the healthcare industry's defenses against cyber threats. The risks are further highlighted by the industry's sentiment, with a recent survey by health IT group HIMSS revealing that 87 percent of healthcare officials and information security workers identify cyber security as an increasing business priority within their organisations.
So, why is the healthcare industry becoming an attractive target for hackers? I'd like to use a financial management analogy and look at the Time Value of Money to explain why.
In the early days, the most guarded data and information were kept within the defence industry that meant they were attackers' prime targets. The defence industry has since improved their cyber security measures, which then prompted the attackers to move to finance. The same thing happened in finance, then in energy, retail, and now healthcare. Attackers are often looking to spend minimal time, which usually means picking a low hanging fruit and gaining the maximum value out of it - most of the time of which, is stealing money or intellectual property, while keeping themselves anonymous and untraced.
The impact could be massive
Financial criminals are not the only ones who have vested interest in healthcare. As healthcare institutions treat all sorts of patients - be it a man on the street or high-profile country ambassadors and even heads of states - the fact is that a digitally connected healthcare ecosystem opens up a new vulnerability, whereby important healthcare information of virtually anyone can be compromised.
If any government or organisation wanted to kill off a political figure without anyone being the wiser, it may be possible to break into an easily hackable healthcare institution, traverse their network, find out where the target patient is and hack into their medical device and effect a potentially life threatening change to the equipment.