For 2018-2019, the health sector’s average spending on cybersecurity was $16,800 (approximately £13,000). This is a monumental increase from the previous year’s average of $2,770 (approximately £2,100). This dramatic increase in spending has established the health and social care sector as the second-highest spender in cybersecurity, following the finance and insurance sector. The data from the UK government that indicates such a drastic increase in cybersecurity spending won’t come as a surprise to those who have read about, or been a victim of, the many high profile cyber-attacks of recent years.

Data breaches have become alarmingly frequent

Recent years have seen healthcare companies become victim to extensive, comprehensive, and ultimately detrimental cyber-attacks. In 2017, the WannaCry ransomware attack delivered a blow to a whole host of companies, consequently disrupting their production of vaccines and medicine. This cost Merck $135 million in lost revenue, and a further $175 million to bring their IT security systems up to speed. In 2018, it was announced that WannaCry cost the UK’s NHS £92 million as 19,000 appointments were cancelled. Another firm, Bayer, recently confirmed that they had suffered a cyber-attack (thought to be from the Chinese hacking group Winnti) that continued for up to a year.

Reports have shown that in 2019, over half of the UK’s firms have encountered a cyber-attack, and losses have been estimated up to £176,000. 2019 saw several high profile cyber-attacks, such as a large-scale attack aimed at the Labour Party and the British Airways attack that led them to be fined a record £183 million.

How firms can protect themselves from cyber-attack

The increasingly common occurrence of data breaches means that cybersecurity has to become a much higher priority for firms. In the current economic climate, with many suffering from cuts, IT cannot be an area that is scrimped on. Those that do not pay thorough attention to their cybersecurity risk leaving their systems open to potentially devastating attacks. Experts recommend that companies carry out regular and thorough assessments of their IT systems and equip themselves with the best software and training.

All firms should make sure they invest in up-to-date cyber protection software to give themselves the most efficient and far-reaching security. Cybersmart offers cyber-protection software that protects against 80% of cyber attacks, as well as Cyber Essentials and Cyber Essentials Plus certification. To prevent attacks, employees should be informed and trained on cybersecurity and the potential threats. Not only should firms ensure they have up-to-date, compliant anti-virus software with certification, but they should ensure employees are trained to use it and passwords are changed periodically.