Building Network Resilience in Healthcare against Cyber-Attacks

Today's use of ever evolving digital technologies in the healthcare sector has led to an increased vulnerability to cyber threats that can lead to consequences beyond financial losses and damages to reputations. In 2021, the number of healthcare cyber-attacks worldwide averaged 109 per organization per week. The attacks affected 45 million people and cost an average of $4.6 million per attack. There are many recent examples of the detrimental effects of cyber-attacks on healthcare institutions and, consequently, on patients across the world. The blocked access to computer systems and electronic patient records systems led to patient transfers to other hospitals and surgery delays. In addition, medical staff were forced to revert to manual processes, cancel numerous outpatient appointments and shut down emergency rooms.

The interconnectedness of hospital IT systems through shared clinical data and infrastructure within a hospital network underscores the potential for cyberattacks in one hospital to cascade and impact others, highlighting the importance of making an entire hospital network resilient to cyber-attacks. A resilient hospital network is characterized by being prepared for, responding to, and recovering from such disruptive events in the most efficient, timely and cost-effective way with a special emphasis on patient safety. This research group is dedicated to deriving recommendations for selecting appropriate preparation and response actions to build resilience of an interdependent hospital network to ensure patient safety and business continuity.

This project is funded by the Helmholtz Association over the next five years.