Supply Chain, Cloud Compromise Worries Growing in Healthcare

7 months ago AndyC

Supply chain attacks and cloud compromises are now overshadowing ransomware as top cyberthreats worrying healthcare sector organizations – but all such incidents are still viewed as significant risks to patient outcomes and safety, said Ryan Witt of

Supply Chain, Cloud Compromise Worries Growing in Healthcare

Supply chain attacks and cloud compromises are now overshadowing ransomware as top cyberthreats worrying healthcare sector organizations – but all such incidents are still viewed as significant risks to patient outcomes and safety, said Ryan Witt of security vendor Proofpoint about findings from a new study conducted with research firm Ponemon Institute.

The study of 653 healthcare IT and security professionals released Wednesday found that concerns about ransomware as the top cyber threat have dipped.

Meanwhile, apprehension about supply chain attacks and other incidents affecting patient care has grown since the firms’ inaugural study on similar topics last year.

“Healthcare has a very strong supply chain network,” Witt said. “Many covered entities are wholly reliant on their vast number of business associates to go help them provide all forms of patient care – some that are directly involved in the patient care process, others that are enabling functions that support the broader institution.”

“It’s no surprise that the threat actors understand that ecosystem more and more, and they try to exploit those relationships,” he said in an interview with Information Security Media Group.

At the same time, the healthcare supply chain and public cloud are also increasingly linked, where third-party services, such as invoicing and medical supply distribution, interact with – or rely – on the cloud, he said.

“If you’re reliant on a business associate who’s providing some sort of key components or key aspects of the patient care process, like bandages and medication, and a supply chain attack is one of the reasons they are delayed, that definitely has an adverse outcome,” he said.

“The big takeaway is that there’s a growing recognition that there is a connection between a porous cybersecurity posture or challenges in a cybersecurity environment, and how that directly can impact patient care.”

In the interview (see audio link below photo), Witt also discusses:

  • Other key perceptions about cyberattack trends and related patient safety issues;

  • Why ransomware attacks likely declined as the top cyberthreat concern among survey respondents;

  • How healthcare sector entities should exercise vigilance against an anticipated surge in email phishing attacks and social engineering scams related to the Israel-Hamas conflict.

Witt, vice president at Proofpoint, is responsible for the strategy and solutions for the company’s healthcare business. He also chairs Proofpoint’s healthcare advisory board and is currently serving a two-year term on the HIMSS Cybersecurity, Privacy and Security Committee. Prior to Proofpoint, Witt held healthcare leadership positions at Fortinet and Juniper Networks and led both companies’ healthcare advisory boards.

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , ,

More Stories

Does a VPN Slow Down Your Internet Speed?

Does a VPN Slow Down Your Internet Speed?

4 hours ago AndyC
Was Your Last Online Transaction Safe? Strategies You Must Know For #DigitallySafe Banking

Was Your Last Online Transaction Safe? Strategies You Must Know For #DigitallySafe Banking

4 hours ago AndyC
<div>Tracking the Progression of Earth Hundun's Cyberespionage Campaign in 2024</div>

Tracking the Progression of Earth Hundun’s Cyberespionage Campaign in 2024

10 hours ago AndyC
I/O 2024: What’s new in Android security and privacy

I/O 2024: What’s new in Android security and privacy

22 hours ago AndyC
Sophos Firewall v20 MR1 is now available

Sophos Firewall v20 MR1 is now available

22 hours ago AndyC
<div>How to Set Up & Use a VPN on Android (A Step-by-Step Guide)</div>

How to Set Up & Use a VPN on Android (A Step-by-Step Guide)

1 day ago AndyC

You may have missed

Shine a Spotlight on Your Team’s IT Excellence with CIO Awards Canada

Shine a Spotlight on Your Team’s IT Excellence with CIO Awards Canada

34 mins ago AndyC

Email Security Reinvented: How AI is Revolutionizing Digital Defense

3 hours ago AndyC
Google fixes seventh actively exploited Chrome zero-day this year

Google fixes seventh actively exploited Chrome zero-day this year

3 hours ago AndyC
Santander: a data breach at a third-party provider impacted customers and employees

Santander: a data breach at a third-party provider impacted customers and employees

3 hours ago AndyC

Zero-Trust DNS – Schneier on Security

3 hours ago AndyC

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.