Armis Acquires Silk Security

Learn More
Nov 21, 2023

What 2024 Could Have in Store for Healthcare Organizations

brand color blocks purple thumbnail
This blog is part of the 2024 Cyber Predictions blog series where Armis Experts share their thoughts on trends and technologies shaping the future of cybersecurity.
Check out all our 2024 predictive blogs →


As 2023 comes to a close, it’s important to look back on what took place and look forward toward emerging trends to anticipate what the future may hold.

When it comes to healthcare cybersecurity, healthcare providers continued to be a prime target for malicious actors in 2023, with major breaches impacting HCA Healthcare, New England Life Care, Inc., Managed Care of North America, Rite Aid Corporation, and others making headlines over the past year.

As we prepare for the year ahead, healthcare providers continue to find themselves in the crosshairs of bad actors. As such, it’s critical for security and IT pros to learn from past experiences to better position their organizations in light of the ever-evolving threat landscape. And, while it will continue to prove to be an uphill battle, I believe that healthcare security and IT pros alongside legislators and cybersecurity vendor partners will make great strides in the coming year. Below are my five healthcare cybersecurity predictions for 2024.

1. Malicious actors will grow more sophisticated and cyberattacks will come at a higher frequency

Ransomware attacks have not entirely ‘shifted’ from a spray and pray approach via phishing, but continue to incorporate targeted footholds and more complex attacks into environments. While Ransomware as a Service (RaaS) and ‘simpler’ ransomware attacks will continue to target the industry, we will see a rise in much more complex ransomware and other cyberattacks that target the largest healthcare providers in particular.

Generative AI is top-of-mind for security and IT pros at healthcare delivery organizations (HDOs), and a number of organizations are setting up committees to review AI capabilities – for offensive and defensive, and clinical care purposes. As the healthcare industry incorporates and innovates solution stacks with Generative AI, so too will its adversaries. Whatever is available to security and IT pros is also available to malicious actors – ransomware is a prime example of what can happen when a security capability – in this case encryption –  is flipped on its head and weaponized. The same technology employed to keep the bad guys out is being leveraged to block the good guys from accessing their files.

AI will help to advance patient care, but will also be used to drive more frequent, sophisticated attacks. It will be crucial in the new year for security and AI pros to expedite their own use of the technology, and its governance and security in order to better protect their organizations in light of this evolving threat.

2. An increased focus on medical device security will continue to proliferate into regulations globally.

Mandates, such as the  recent U.S. Food and Drug Administration (FDA) refuse-to-accept (RTA) policy, the UK National Health Service (NHS) Data Security and Protection Toolkit (DSPT) legislation, and other, similar guidelines being developed across Europe, are expanding the reach of medical device security regulations and will continue to do so. I believe we’ll also see a renewed focus on software bill of materials (SBOMs) requiring manufacturers to provide clear details of the software components used to build various assets. Additionally, we will continue to see developments and specificity grow for medical device security as more cybersecurity and critical infrastructure-centric regulations are drawn up.

While work remains to be done, these regulations are a great step toward mandating that cybersecurity be built into products and that organizations have regular assessments of the cybersecurity posture of their devices. And while there are growing pains (as with any new regulations), these pains are necessary to further grow cybersecurity at all levels and drive the industry forward.

3. Healthcare providers will continue to modernize their security strategies, prioritizing segmentation and defense-in-depth in 2024.

Network segmentation will remain one of the primary methods for increasing healthcare cybersecurity. A growing number of security and IT pros at HDOs will look to modernize their strategy and begin segmenting their network in 2024, if they have not already. Network segmentation is a massive and difficult project that can span many years before effective segmentation can occur. However, it also leads to the greatest level of risk reduction in a healthcare environment and is a pillar in a proactive risk reduction strategy.

Key to these projects is the proper planning and understanding that a segmentation project is a journey with multiple phases – discovery / inventory, behavioral and communication mapping, policy creation, prioritization, test / pilot, implementation and automation. A growing trend is the risk-based prioritization approach. This approach enables healthcare organizations to achieve a much faster ROI by identifying and prioritizing the segmentation of critical vulnerable devices first – particularly patient facing devices – to achieve maximum risk reduction upfront.

Additionally, defense-in-depth capabilities will start to emerge for newer medical devices. More clearly outlined security documentation and behaviors, embedded security capabilities, support for security software and solutions, and retiring of legacy systems in favor of newer more secure devices will all aid the segmentation and security process. As a result, segmentation will start to be augmented by other security capabilities now supported on newer medical devices, such as more frequent software patching and updates.

4. Medical device manufacturers will develop additional security partnerships and offerings.

Efficacy is still unknown at this time, but whether through professional services, technical capabilities, or new devices, medical device manufacturers have started focusing on cybersecurity initiatives for their new medical devices. In the year ahead, I believe medical device management service providers will place additional focus on providing remediation services for medical device security advisories. Healthcare organizations will also leverage MSSPs and partner or vendor services more in order to help scale their internal operations. Using this approach can help with offloading tasks, more rapid risk reduction, as well as sharing of information and best practices for maximum effectiveness.

5. The cybersecurity skills shortage-gap will widen.

AI is being further incorporated into technology stacks, particularly as cybersecurity vendors look to harness its innovative power. It will help streamline tasks, but organizations – particularly smaller healthcare organizations with less resources – will still suffer greatly from a cybersecurity skill and experience shortage. Not only in specific technical domains, but also on the ability to implement and systematically mature a healthcare cybersecurity program. Filling these gaps is critical, so HDOs will look to the help of external partners to support their security programs. A foundational recommendation here is to leverage security frameworks to help build a systematic approach to improving their security posture with prioritized security efforts. The key is to anchor the program in a framework based approach such as the NIST Cyber Security Framework (CSF) with regular reviews and gap analysis to form a guide on priorities and efforts for the year ahead.

Prepare for the year ahead

As security and IT pros sit down to prepare their professional new year’s resolutions, it’s important they remember they’re not alone in combating malicious actors targeting their organizations. Access to the best tools and technology can quickly solve some of the most pressing challenges in the healthcare environment and prepare it to face the challenges to come. Armis can help you see, protect, and manage your entire attack surface.

Read more about how Armis can help here:

2024 Cyber Predictions

Get Updates

Sign up to receive the latest from Armis.