Strengthening cyber resilience in healthcare
Five ways to defend hospital operations under cyber stress
Sistem pelayanan kesehatan mengalami serangan yang terus-menerus
No matter how tough cybercriminals get, these five basic cybersecurity strategies keep hospital staff, administration, and operations cyber resilient.
Industri pelayanan kesehatan membutuhkan inovasi berkelanjutan untuk membantu tenaga kesehatan dalam mencapai hasil medis terbaik bagi pasien mereka.
Tak dapat disangkal bahwa aliran data medis dan operasional sangat penting dalam pemberian pelayanan kesehatan yang efisien, tetapi — aliran data tersebut juga memunculkan kekhawatiran besar akan keamanan dan privasi. Dengan meningkatnya kejahatan siber, penerapan langkah perlindungan keamanan data yang kuat dan /privacypolicy/ menjadi sangat penting.
Cyber incidents have proven costly, especially in the healthcare industry where handsome rewards can be reaped from obtaining patient data to use for identity theft, financial fraud, or ransomware. As of September 2025, the U.S. Office for Civil Rights had received 508 reports of healthcare breaches affecting 500 or more individuals for the year to date.
Mengamankan ekosistem pelayanan kesehatan
Sistem pelayanan kesehatan terdiri dari banyak pemangku kepentingan seperti penyedia pelayanan kesehatan, perusahaan asuransi, perusahaan farmasi, dan pemasok pihak ketiga. Setiap entitas memerlukan akses ke data pasien yang sensitif sehingga meningkatkan kemungkinan ancaman dari pihak internal dan pelanggaran data yang tidak disengaja akibat kesalahan manusia atau otorisasi yang tidak tepat.
While electronic health records, telemedicine, and other digital systems have simplified data access, sharing, and storage, they have also introduced new risks for cyber attacks and data breaches. Continued innovation in AI and data technologies can only boost the frequency and sophistication of cyber risks within the region’s healthcare industry. With more digital touchpoints introduced, malicious actors gain more avenues to launch attacks.
Achieving operational resilience in healthcare demands a strategic approach that extends beyond technical cybersecurity controls. It demands an integrated strategy that keeps systems running, protects access to patient data, and enables fast recovery when incidents occur. Here are five resilience-building approaches healthcare organizations can adopt:
1. Design for disruption, not perfection
Assume incidents will happen. Build systems that can degrade gracefully, for example, prioritize access to critical systems (EHRs, imaging platforms, staff portals) during an attack or outage. Define which workflows must stay online, and test those fallback procedures regularly.
2. Segment systems based on clinical impact
Don’t treat all assets equally. Segment networks and digital systems based on the real-world consequences of a failure, such as those used in emergency care, surgical planning, or telehealth. Limit access to each segment and monitor independently.
3. Ensure secure, anytime access for care teams
Doctors, nurses, and admin staff need access from hospitals, clinics, or home. Solutions like zero trust access can protect sensitive systems without requiring VPNs, enabling flexible yet secure access to patient data, even during disruption.
4. Expand visibility into third-party risk
From payment processors to imaging software vendors, healthcare orgs rely heavily on third-party providers. Build a risk register that includes partners, and evaluate their recovery plans and access methods. Shared accountability helps keep care delivery uninterrupted.
5. Run real-world resilience drills
Simulate cyber incidents just like disaster recovery plans. Tabletop exercises with IT, security, clinical ops, and leadership help teams understand roles and bottlenecks before a real crisis hits. After-action reviews can surface hidden dependencies or fragilities.
These strategies focus on keeping care moving, not just protecting data. Resilient healthcare systems are designed to withstand stress, reduce downtime, and ensure that even under cyber pressure, patient outcomes remain the top priority.
The key to establishing industry-wide standards and best practices is strong collaboration among healthcare stakeholders to address risk, maintain patient safety and privacy, and ensure the always-on availability of medical services. The evolving security landscape and increasing complexity of healthcare systems present significant challenges. However, adopting these strategies will enhance any healthcare organization's cybersecurity posture and mitigate risk.
Cloudflare untuk Pelayanan Kesehatan memberikan akses yang aman ke sistem internal bagi karyawan dan pihak ketiga, melindungi data pasien, serta mempercepat kinerja.
Artikel ini adalah bagian dari seri tentang tren dan topik terbaru yang berdampak terhadap para pengambil keputusan teknologi masa kini.
Dive deeper into this topic.
See how leading healthcare organizations secure the workplace while protecting patient care with the Achieving SASE success: 10 key milestones to get it right ebook.
Penulis
Jonathan Dixon
Wakil Presiden dan Direktur Pelaksana, APJC, Cloudflare
Poin-poin penting
Setelah membaca artikel ini, Anda akan dapat memahami:
Proses ketika lebih dari 100 juta orang terdampak oleh serangan siber di industri pelayanan kesehatan tahun lalu
5 strategi yang dapat diterapkan oleh organisasi Anda untuk menjaga agar staf, administrasi, dan operasional rumah sakit tetap memiliki ketahanan siber
Pentingnya kolaborasi antara para pemangku kepentingan sektor pelayanan kesehatan