Moody's: Hospitals among industries with highest risk of exposure to cyberthreats

The four sectors at high risk of cyber exposure are banks, security firms, market infrastructure providers and hospitals, the report says. (Getty/PRImageFactory)

Hospitals are among the sectors facing the highest potential risks when it comes to a "rising tide" of cyberthreats, according to a recent report from Moody's Investors Service.

Four sectors that represent $11.7 trillion in Moody’s-rated debt outstanding are at high risk of cyber exposure including banks, security firms, market infrastructure providers and hospitals, the report says. That is based on an examination of vulnerability to cyber events or attacks and the potential impact in terms of disruption of critical business processes, data disclosure, and reputational effects. These sectors all significantly rely on technology and confidential information for their business.

"In our view, cyber risk is event risk and Moody’s sees a rising tide," the authors of the report wrote. "Digitization continues to increase, supply chains are becoming more complex and attacker sophistication is improving."

Free Daily Newsletter

Like this story? Subscribe to FierceHealthcare!

The healthcare sector remains in flux as policy, regulation, technology and trends shape the market. FierceHealthcare subscribers rely on our suite of newsletters as their must-read source for the latest news, analysis and data impacting their world. Sign up today to get healthcare news and updates delivered to your inbox and read on the go.

Hospitals represent $250.4 billion in rated debt, the report said, pointing to the sensitive and essential nature of the data collected and used by these entities and its attractiveness to hackers.


Among the concerns: pushes for interoperability. "Hospitals increasingly share data with various third parties, such as health insurance exchanges and other payors, necessitating the need to safeguard confidential information with modernized IT and security systems," the report said.


Patient data includes confidential medical records as well as Social Security numbers and insurance information. As a result, a data breach could create substantial legal risk for healthcare companies.


They also pointed to vulnerabilities from increasingly connected medical devices. "For medical device manufacturers, devices such as insulin pumps, defibrillators or cardiac monitoring are now in widespread use and increasingly rely on remote monitoring, which creates vulnerabilities," the authors of the report said.


The analysis, which looked at 35 industries, found nine with a total rated debt of $8.9 trillion were considered at medium to high risk of cyberthreats including electric utilities, health insurers and retailers.   

Suggested Articles

Anthem posted $1.18 billion in third-quarter profit, an increase of 23% over the prior-year quarter.

A pivotal House committee advanced Nancy Pelosi's drug plan, setting up a likely House floor vote in the near future.

The Office for Civil Rights is ramping up its focus on the Right of Access Initiative, which ensures patients timely access to their medical records.