Cyber Threats in Health Care: Key Strategies for Resilience

Explore insights into the growing cyber security challenges in health care and discover actionable strategies to safeguard sensitive data.

The health care and life sciences industries, known for their commitment to innovation, are facing an escalating battle against cyber threats. As digital transformation reshapes operations, the sensitive nature of patient data, intellectual property and operational systems makes these sectors prime targets for cyberattacks. During a recent panel hosted by Crowe LLP, cyber security experts Serge Jorgensen, Ben Ilnicki and Karen McDaniel shared their perspectives on the evolving challenges and practical strategies for managing these risks.

The evolving cyber security landscape

The health care sector has unique vulnerabilities stemming from its reliance on both cutting-edge and legacy systems. Jorgensen explained, “Threat actors are increasingly targeting health care and life sciences organizations because of the high value of the data and systems involved.”

Three primary challenges emerged from the panel discussion:

1. Integration of old and new systems. Many health care organizations depend on older technologies that can’t be updated, creating gaps in security when paired with newer innovations.
2. Balancing security with accessibility. While encryption is crucial, there are moments when data must be decrypted for clinical or operational use, creating opportunities for breaches.
3. Navigating global compliance. Life sciences companies operating internationally face diverse privacy laws and regulations, complicating the creation of unified security policies.

Overlooked risks that demand attention

Beyond these primary challenges, panelists highlighted risks that are often underestimated but can have significant consequences. Ilnicki pointed to access control as an area requiring constant vigilance. “Organizations establish access controls, but maintaining them as roles and responsibilities change is a critical challenge,” he noted.

Other risks discussed included:

1. Delayed patch management. Outdated systems that lack timely updates become prime targets for attackers.
2. Vendor oversight. Sharing sensitive data with vendors introduces risks if their cyber security practices are insufficient. Regular audits and robust vendor agreements are key.
3. Insider threats. Whether malicious or coerced, insider threats are a significant concern. Jorgensen emphasized the importance of “audit tripwires” and minimizing access privileges to reduce these risks.

Cyber security’s role in audits and reporting

For life sciences companies, cyber security isn’t just an operational issue; it’s a critical part of audits and financial reporting. McDaniel explained that public companies in particular must meet strict SEC requirements regarding cyber incident disclosures. “Understanding what constitutes a material event is essential,” she said, “and international operations add layers of complexity to these evaluations.”

McDaniel also stressed the importance of internal controls that prevent, detect and mitigate breaches. “Bad actors will get in,” she stated, “but having an incident response plan ensures you can detect and respond quickly to limit damage.”

From prevention to preparedness

In today’s cyber security environment, no organization can fully prevent attacks. Instead, the focus has shifted to minimizing impact and ensuring swift recovery. “It’s no longer about stopping every attack,” Jorgensen explained. “It’s about detecting issues quickly and enabling investigations to uncover how breaches occurred.”

The panel emphasized the value of multi-layered defenses, including regular audits, robust training programs and simulations. Ilnicki highlighted phishing simulations as a cost-effective way to test and improve employee awareness, adding, “It’s much cheaper to run a simulation than to handle an actual breach.”

Addressing global cyber security challenges

For organizations expanding internationally, cyber security strategies must account for varying regulations, technologies and risks. McDaniel pointed out that managing global partnerships and compliance can be particularly challenging, especially in areas like:

1. AI in clinical research. Ensuring AI applications meet regulatory requirements and maintain data integrity.
2. Data transfers across borders. Navigating conflicting regulations around data privacy and security.
3. Third-party risks. Assessing the cyber security measures of global partners to safeguard shared data.

Combating cyber espionage and securing data

Cyber espionage poses a growing threat to health care and life sciences organizations conducting high-stakes research. Jorgensen described tactics used by attackers, such as exploiting email communication and manipulating documents to gain access to sensitive systems.

To counter these threats, organizations must focus on:

1. Traffic monitoring. Detecting unusual patterns that could indicate unauthorized access.
2. Secure communication protocols. Encrypting communications and validating the integrity of shared data.
3. Data governance policies. Establishing clear guidelines for data disposal and integrity checks.

McDaniel underscored the importance of validating data to prevent manipulation and extortion, stating, “Ensuring the data you send is the same as what’s received is a foundational security measure.”

Telemedicine and digital health: Opportunities and risks

The rise of telemedicine offers significant benefits, but it also introduces new cyber security challenges. Ilnicki highlighted the need for strong encryption and secure storage solutions for patient data, emphasizing the importance of timely updates and patching vulnerabilities.

Jorgensen added that telemedicine’s reliance on clinician endpoints requires a holistic approach. “The devices used by clinicians need to be as secure as the network they’re connecting to,” he said. Collaboration across IT, legal and operational teams is critical to achieving this goal.

Building a resilient cyber security culture

A recurring theme throughout the panel was the importance of fostering a culture of cyber security awareness. Regular training, transparent communication about security policies and leadership commitment are essential for creating an environment where security is prioritized.

As McDaniel summarized, “Cyber security isn’t just an IT issue — it’s an organizational responsibility. Preparing for the inevitable and responding effectively when it happens is the key to resilience.”

The health care and life sciences industries face a complex and ever-changing cyber security landscape. With a proactive approach that combines robust controls, global compliance strategies and a culture of awareness, organizations can mitigate risks and protect their most valuable assets. By embracing preparedness and collaboration, they can continue to innovate while safeguarding patient trust and data integrity.