Hospitals need security baked into IT systems, Frost and Sullivan says
The total market for cybersecurity technology implemented by U.S. hospitals will expand at a compound annual growth rate of 13.6 percent between now and 2021, according to a new report from Frost & Sullivan. But health organizations need more than mere security tools.
As near-constant cyberattacks become the new reality, hospitals are realizing it's not just patient data at risk – they're seeing that ransomware and other viruses that compromise their IT systems could cause actual patient harm, the study, U.S. Hospital Cybersecurity Market: 2015-2021, shows.
Combined with the prospect of more rigorous regulatory oversight, shortages of IT security staff, and a threat environment that seems harder to get a handle on every day, the potential to cause patient harm is forcing hospitals to embrace more innovative security strategies and is opening up big business opportunities technology vendors.
[Ransomware: Victims have small window of opportunity to stop an attack dead in its tracks]
And not only security companies, but health IT developers of all types.
"Going forward, all health IT vendors serving the hospital market – and not just vendors of IT security solutions but application vendors as well – must recognize that the increased threat environment demands strong, baked-in security features," said Frost & Sullivan principal connected health analyst Nancy Fabozzi said in a statement.
While hospitals are just starting to engage with cybersecurity tools, they'll soon become more sophisticated about these very pressing demands, according to the report, and companies' offerings will be much more scrutinized.
"Vendors need to innovate to survive, building or buying advanced functionality and next generation capabilities as the market moves from protecting the walled garden to protecting a vast connected perimeter," said Fabozzi.
"Because of the increased risk of cyber-attacks of every type, especially phishing and ransomware, hospitals are transitioning from their traditional reactive and fragmented approach to protecting privacy and security that is highly dependent on HIPAA compliance to a new approach and mindset that is proactive, holistic, and coordinated, anchored by integrated solutions designed to protect multiple endpoints," she said.
Twitter: @MikeMiliardHITN
Email the writer: mike.miliard@himssmedia.com