It is now almost universally accepted that the future of healthcare lies in artificial intelligence (AI), the internet of things (IoT) and cloud computing, but with advances in technology come new vulnerabilities that are spawning the growth of the cybersecurity market.
A new report by Frost & Sullivan projects that future U.S. healthcare IT spending is expected to increase across network perimeter protection, endpoint protection, access management, public-facing properties, detecting and mitigating exploits, and managed services, driving this market toward $8.70 billion by 2023.
Frost & Sullivan said the new report “The U.S. Healthcare Cybersecurity Market. Overcoming Barriers to Adoption In the Face of Increasing Threat,” provides essential healthcare cybersecurity market tracking data as well as revenue projections through 2023. “It also presents insights into the market drivers and restraints that will shape cybersecurity spending by healthcare IT over the next five years and the three big predictions for this market.”
Frost & Sullivan digital health research manager, Mike Jude said the healthcare market is a prime target of hackers looking for protected health information (PHI).
“The lack of cybersecurity expertise is prompting healthcare IT organizations to seek managed support, which, in turn, is accelerating the move to cloud-based computing services. To make optimum use of the opportunities, cybersecurity vendors need to develop solutions that integrate with existing healthcare IT systems and applications. The solutions must be able to accommodate and scale with new technologies such as IoT, cloud, and big data,” Jude explained.
The report forecasts that regulation such as the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH Act) will drive the adoption of cybersecurity solutions. The report also notes that the need to reduce access control complexity will increase demand for integrated security solutions, while more threats will drive consumers to demand protection of their PHI.
The demand for cybersecurity expertise is beginning to drive healthcare IT to managed service providers, the report continues. It also points out that new technologies will increase demand for security solutions that can accommodate them.
The report also offers some advice for the health industry, saying that “the industry has numerous niche players that deliver specific cybersecurity solutions to address various healthcare security concerns,” and advising that “to attain additional growth, there is need to apply integrated security across the clinical workflow instead of a collection of point solutions.”
Additionally, the report advises cybersecurity providers to issue solutions that can scale to potentially thousands of devices, offer endpoint protection for mobile devices, and establish flexible approaches for the acquisition of cybersecurity suites. It also advises the incorporation of capabilities that decrease complexity and increase productivity, enabling new forms of security management such as location-based access and biometrics and addressing the budget concerns of healthcare IT by offering flexible pricing models.
However, there are some factors stalling the growth of the cybersecurity market; chief among them being budgets for IT and cybersecurity–which are not growing as fast as the threat, as noted by the Frost & Sullivan report. The report also points out that healthcare IT is fragmented and lacks a standardized security approach, which complicates security investment priorities.
Cybersecurity is increasingly becoming a priority item in the healthcare industry, with the 2019 HIMSS U.S. Leadership and Workforce Survey report, showing that cybersecurity, privacy and security topped a list of priorities for healthcare workers and vendor organizations.
With cyber attacks becoming more commonplace, executives in the healthcare industry are looking for ways to enhance their security. To illustrate how serious the threat is, last year, the U.S. Department of Health and Human Services estimated that there there were more than 100 hacking or IT-related healthcare organization incidents affecting 500 or more individuals in the U.S. that year.
In addition, a report by Kaspersky Lab revealed that at least a third of healthcare workers in the U.S. and Canada said their companies had been targeted by cybercriminals and have been victim to ransomware more than once. Another report by Protenus counted 503 separate incidents in 2018, affecting nearly 15.1 million patient records. Of those, 139 involved people working inside the organization and 45 of those cases had malicious intent.