Cyber attacks are increasingly targeting the healthcare sector. This slows patient care and even increases mortality rates. But without knowledge of threats, you cannot defend yourself. Preparation is therefore crucial, stresses Jort Kollerie of Orange Cyberdefense.
A cyber attack, no company is waiting for that. Yet it happens every so often. According to Orange Cyberdefense's Security Navigator 2025, the number of cyber incidents has increased by as much as 50 percent in the past year. In this regard, healthcare emerges as one of the most attacked sectors. After all, patient records are worth a lot of money because of the highly sensitive nature of the data, making them an attractive target for cybercriminals. The consequences directly affect patient care.
Emergency Room
Speaker Jort Kollerie at Zorg & ict 2025 makes a comparison with the emergency room. There, doctors and nurses immediately shoot into action mode when a critical patient comes in, a scenario that also plays out in the digital world in the event of a cyber attack, the strategic advisor of Orange Cyberdefense knows . "In the emergency room it is then immediately all hands on deck, specialists work according to protocols and act in the right order. This is also how it works with cybersecurity, where cooperation is also crucial. Only here the process side is often lacking and that can cost lives."
Good preparation
So how do you prevent your organization from ending up in the digital emergency room? "You can't defend your organization if you don't know what's coming at you," Kollerie argues. So it's important to be well prepared for any cyber attack. Such an attack can come from different angles, ranging from the cybercriminal who takes advantage of the opportunity, the hacker who targets low-hanging fruit and the insider who deliberately passes on information, to the so-called advanced attacker."
The latter category is the most difficult to tackle, as it often involves attacks from countries or armies. "Take Russia, which recently tried to hack the WiFi network of the Ministry of OCW. You do pretty little against that." According to Kollerie, wifi networks within organizations, by the way, are often the most poorly secured.
Defense Strategy
In addition, an organization must be able to empathize with the cybercriminal. "Think about what their path and motive might be. What is there to get from you? Money? Knowledge? Bitcoins? Are they attacking through the server or through the Cloud? Only when you have those kinds of things well mapped out can you create an effective defense strategy."
Such a strategy consists of five main themes: anticipate threats, identify risks, protect your organization, detect attacks and respond to incidents.
Train, train and train again
Yet many organizations are still more focused on technology than security, Kollerie argues. He advocates that security should grow with the organization and developments. "There is no such thing as 100 percent security, nor can you prevent cyber attacks 100 percent. But you can do a lot about it, by proactively solving gaps."
It's all about maturity, concludes the strategic advisor, who insists on training, training and more training. "Trained people can handle more than the untrained."
Good Advice
Finally, he gives healthcare organizations some good advice: "Start as soon as possible with improving your processes and start small. A child also doesn't play with LEGO Technic right away, but first with DUPLO."
This is an article by Dutch Health Hub. Want to keep up with all the news from the healthcare industry? Then take a look at the hub and sign up for the weekly newsletter.
↗
