Q&A with Andre Schindler, General Manager, EMEA at NinjaOne
How has the cyber landscape of the healthcare sector evolved in recent years?
Cyberattacks have been steadily increasing over the last few years. In 2024 alone, there have already been almost 8 million cyberattacks on UK businesses. The healthcare sector has been hit especially hard, with each successful breach costing on average almost $11 million, nearly double the cost of the average for the financial services industry.
One of the main challenges that healthcare providers face today is the lack of available budget, as well as limited resources and skills, to counter the incessant threat from bad actors.
As health services have implemented digital transformation initiatives to streamline operations with limited budgets, the number of endpoints within organisations continues to increase exponentially. Healthcare is a highly distributed sector, with employees and IT assets spread across offices, buildings and even campuses. This not only makes the job of IT teams more challenging, but also expands the attack surface and window of opportunity for bad actors.
From small primary care practices to large healthcare systems, IT teams often run incredibly lean – at times with one technician managing thousands of endpoints. Having so many endpoints across the network can present challenges when it comes to patching, resulting in both security and compliance issues.
Bad actors regularly target healthcare organisations because of the quantity and sensitivity of the data they hold. Once attackers have access to personal medical information, they can hold it for ransom and sell it on the dark web, or tamper with the data to cause disruption and mistrust within an organisation.
How does the increasing number of endpoints pose a threat to healthcare organisations?
Whilst necessary to improve the speed and availability of diagnosis and treatment, the increasing number of endpoints in healthcare organisations can also open up more attack vectors for those looking to compromise or abuse the systems assisting in care provision.
With AI and LLMs becoming more accessible, phishing attacks have become increasingly difficult to spot. Untrained staff can be more susceptible to phishing scams, and paired with an increasing number of endpoints, expose organisations to increased risk, making the management and security of endpoints even more challenging.
The implications of a cyber incident in the healthcare sector are huge. They are not only likely to result in huge fines for the responsible parties but can also erode public trust in the sector and put people’s data, and even lives, at risk.
What strategies or best practices would you recommend for healthcare organisations looking to enhance their cyber resilience?
For healthcare IT teams, ensuring endpoint security and creating a frictionless patient-provider relationship will be top priorities. They’re expected to effectively manage shared endpoints spread across buildings and sites, while supporting providers and staff at scale with limited resources. This can be a cumbersome task, and one which is only getting harder.
However, IT teams can lean on automated endpoint management solutions to streamline their efforts. Automated endpoint management gives IT teams one central source of truth, providing visibility over the full network in a single pane of glass, displaying maintenance and updates, security and backups, and most critically, a view of all endpoints which could pose a possible risk.
This also allows IT teams to automate processes such as patching and endpoint hardening without having to manually access machines, in turn, simplifying operations and alleviating the pressures of limited access to skills, resource and budget.
