AI could help healthcare providers boost cyber defences

19 September 2023

The average cost of a data breach in the healthcare sector has increased by over 50% since 2020. Northdoor leader AJ Thompson explores how AI could help steel healthcare providers’ cyber defences and turn the tide on hackers.

IBM’s recent study into the cost of data breaches has highlighted the increasing cost for organisations that suffer a data breach in the healthcare sector. The report found that the average cost of a data breach is now at $10.93 million – representing an increase of 53.3% since 2020.

This is some way above the average cost of a data breach across all sectors, which sits at $4.45 million, and highlights just how impactful breaches on healthcare organisations are.

Healthcare has the highest average cost of a data breach of any vertical, and by some margin – well ahead of the financial sector at $5.90 million, and the pharmaceuticals sector at $4.82 million.

There are a number of reasons for the huge difference in the cost of a breach. The sector is very highly regulated, which immediately increases the cost, and it is considered by most governments to be critical infrastructure.

The nature of the data held by healthcare organisations also means that it is an incredibly tempting target for cyber criminals. In the UK, one cyber-attack on the University of Manchester saw more than a million NHS patients’ details compromised, and various NHS Trusts have been compromised, mainly by ransomware attacks.

It’s clear, then, that the healthcare sector is very much in the sights of cyber criminals. The nature and perceived value of the data, as well as some of the vulnerabilities that the sector experiences (particularly third-party/supply chain attacks), mean that healthcare organisations have to do more to protect themselves.

The IBM report also found that phishing and stolen or compromised credentials were the two most common initial attack vectors (the way an attacker enters a network or system) across all verticals. We have seen cyber criminals use increasingly sophisticated phishing attacks to target employees, who are often considered the ‘weakest link’ in the security defences of a company. This is reflected in the report, with phishing attacks responsible for 16% of breaches and stolen or compromised credentials responsible for 1 %. These were followed by cloud misconfiguration at 11% and business email compromise at 9%.

Companies, therefore, have to ensure that the weakest link in their security defences is strengthened considerably. The nature of the most recent phishing attacks means that employees have very little chance of being able to tell legitimate messages from malicious emails, and need help in doing so. This is particularly important in the healthcare sector, where any downtime can have a huge impact on frontline services, affecting staff but, more importantly, patients.

AI response

The use of AI and automation solutions has had, according to the IBM report, a real impact for organisations that use such solutions extensively within their defences. On average, organisations with such solutions in place were able to identify and contain a breach 108 days sooner than those without. These companies also reported a $1.76 million lower data breach cost compared to organisations that didn’t have such capabilities.

While the cost of a data breach is a real worry for the healthcare sector, the ability to shorten the amount of time a breach impacts frontline services, or to lessen the amount of incredibly sensitive data stolen, has to be a good thing.

One of the main routes in for cyber criminals, alongside employees, is through third parties and healthcare suppliers. Supply chains in the healthcare sector tend to be incredibly large and complex, so many organisations find it almost impossible to have any insight into where vulnerabilities might lie in the network.

No matter how much is spent on frontline defences, if partners have not closed vulnerabilities within their own systems they are, essentially, leaving the backdoor open for cyber criminals to gain access to healthcare data. Some are turning to AI-powered solutions to ensure that they have a 360-degree view of their supply chain.

Current methods of ascertaining a partner’s or potential partner’s cyber security practices usually involve a questionnaire, which relies on the knowledge and honesty of partners. This is obviously no longer an acceptable or effective way of understanding the cyber defensive capability of healthcare supply chains. Using the latest technology, such as AI, to gain a near real-time view of where vulnerabilities lie within their supply chains gives healthcare organisations the opportunity to urgently speak to partners and close vulnerabilities before cyber criminals are able to take advantage of them.

While the report’s headlines will be focused on the ever-increasing cost of a data breach for most companies, and particularly the healthcare sector, there are, as has been discussed, some positives. Implementing AI solutions helps to cut the cost of a breach and the amount of time needed to identify and deal with it, and healthcare organisations need to start looking at such approaches if they have not already.

Cyber criminals are not going away and are only going to increase the number and level of sophistication of their attacks. Healthcare organisations must address the weak points of their defences, whether that be employees or vulnerabilities within their supply chain, or be prepared to pay a huge cost and suffer the loss of critical frontline services.

Northdoor is an IT consultancy based in London. The firm was recently ranked among’s Top Consulting Firms in the UK, where it received a Gold rating for Data Science.