As healthcare digitises, patient data and systems face rising cyber threats. Long-lived, sensitive records, connected devices, cloud platforms, AI tools, and complex supply chains all expand risk.
Healthcare is a high-value target containing long-lived, monetisable data that can be exploited far beyond the risk posed by stolen credit cards.
Connected devices, cloud systems, supply chains, and AI-driven tools improve care but widen the attack surface.
Integrated, managed defences are essential to today’s security strategy. With Zero Trust principles, continuous staff training, and managed security services, organisations can strengthen protection and build lasting operational resilience.
Introduction
Cyberattacks on healthcare are escalating in scale and severity, threatening patient safety and operational continuity. The Change Healthcare breach—a ransomware attack on one of the largest U.S. healthcare technology providers—affected an estimated 192.7 million people, highlighting how a single disruption can ripple across entire health systems.1 In just the first half of 2024, 387 healthcare data breaches involving 500 or more records were reported—an 8.4% increase from the previous year.2 Healthcare organisations now face the dual challenge of advancing digital care while keeping essential services secure against relentless cyber threats.
Why healthcare is a prime target
Real-world examples show how even trusted software and platforms can be turned against manufacturers.Few industries hold data as sensitive and valuable as healthcare. Electronic health records (EHRs) are a goldmine for attackers because they contain demographic details, Social Security numbers, financial and insurance data, and clinical information—all of which can be easily monetised.2 Criminals can use this data to impersonate patients, obtain expensive medical procedures, prescription drugs, and government benefits, or even file fraudulent tax returns.
In contrast, stolen credit card numbers have a much shorter shelf life. Credit card companies monitor for fraud and quickly block accounts when suspicious activity is detected. While misuse is usually capped by these controls, healthcare data has an incredibly long lifespan and can be misused in multiple ways before detection. That window allows criminals to run up debts and commit fraud far beyond what is possible with a stolen credit card.3
Expanding attack surface
Healthcare’s shift to digital care is delivering faster diagnoses, data-driven treatment, and operational efficiencies. But the same technologies also multiply points of exposure.
Connected devices and medical IoT: Every infusion pump, imaging system, or bedside monitor connected to the network is a potential entry point. Compromise of these systems can disrupt care or even endanger patients. Protecting medical devices and IoT systems is now a critical priority.
Cloud systems and data platforms: Essential for collaboration and scale, but vulnerable to misconfigurations and credential theft that can expose millions of records.
Supply chains: The challenge extends beyond hospital walls: healthcare supply chains are vast and deeply interconnected, with 71% of APAC organisations managing between 501 and 50,000 suppliers, each a potential weak link.4
AI-driven tools: From accelerating diagnoses to reducing errors, AI is improving diagnostics and reducing human error.5 Yet these systems depend on vast datasets and complex pipelines that can be vulnerable to manipulation. Experts warn healthcare providers to “unlock the potential of AI — carefully.”6 If compromised, the impact isn’t limited to IT downtime — it can directly affect treatment decisions.
Building resilience behind the scenes
The stakes for healthcare security are rising fast. The global healthcare cyber security market is projected to more than double from $84.53 billion in 2023 to $174.79 billion by 2030, with threat intelligence alone growing at a 23.4% CAGR7. At the same time, regulators are tightening requirements around data security, privacy, and interoperability, raising the bar for compliance.6
Hospitals can no longer rely on point solutions or siloed defences. They need integrated, managed safeguards that scale with digital health ecosystems and operate quietly in the background. Meeting this challenge requires safeguards that work quietly in the background. Adopting Zero Trust Architecture2, establishing off-site backups and regular updates6, and enforcing clarity with third-party vendors4 reduce systemic risks. Equally critical is investing in people. Security awareness programs can reduce risks by up to 70%2. Without trained personnel, even the strongest technical controls can fail.
How always-on managed security works in practice
Protecting organisations with critical data requires an integrated, always-on defence. Managed security services provide unified visibility across networks and systems, enforce consistent security policies, and detect threats in real time to safeguard operations and business continuity. Singtel Managed Secure Service Edge (SSE) delivers these capabilities in a single platform designed to keep enterprises secure, resilient, and connected.
Unified digital platform: A 360-degree view across hospital networks, EHR systems, and IoMT devices to improve monitoring and decision-making.
Seamless service orchestration: Simplifies the rollout of security and access policies across cloud, on-premise, and third-party environments.
AI-powered threat detection: Continuous real-time monitoring and automated triage to reduce incident response times when patient safety is on the line.
24/7 expert support: Round-the-clock technical support, policy management, and escalation to ensure uninterrupted operations.
Consulting and professional services: Guidance to fine-tune policies and integrate SSE into complex healthcare IT environments.
Discover how managed security can strengthen your healthcare organisation’s resilience.
References:
Reuters, Hack at UnitedHealth's tech unit impacted 192.7 million people, US health dept website shows, 2025
CrowdStrike, CYBERSECURITY IN HEALTHCARE, 2025
The HIPAA Journal, Why Do Criminals Target Medical Records, 2023
HealthtechAsia, Why supply chain cyber defence is an urgent priority for healthcare in APAC, 2025
BCG, How Digital and AI Will Reshape Health Care in 2025, 2025
Autonomous defence in BFSI: why the network matters — Banking is moving toward more autonomous cyber defence as agentic AI takes on a growing role in assessing risk and guiding responses. Its impact depends on the ability to enforce decisions consistently across complex, hybrid environments, making the network a critical execution layer. As adoption expands, the maturity of data, cloud, and connectivity foundations will shape how effectively these capabilities operate at scale./business/insights/autonomous-defence-in-bfsi-why-the-network-matters
Network guardrails for the agentic era — As AI moves from answering questions to orchestrating workflows, enterprises must ensure appropriate governance. One emerging consideration is agentic drift, where autonomous agents act beyond their intended scope. Explore how Singtel’s Unified SASE Convergence platform applies Zero Trust principles at the network layer, treating AI agents as non-human identities with clearly defined access controls./business/insights/network-guardrails-for-the-agentic-era
Why the future of security is written in your data’s DNA — Security is moving beyond the perimeter towards the core cryptographic layer that defines trust across every transaction, device, and data flow. As quantum computing reshapes the threat environment, the durability of this data “DNA” becomes a true measure of resilience./business/insights/why-the-future-of-security-is-written-in-your-datas-dna
IDC MarketScape: APAC Managed SD-WAN/SASE Services 2025–2026 — We’re honoured to be named a leader in the IDC MarketScape: APAC Managed SD-WAN/SASE Services 2025–2026. This report offers clarity on where the market is heading, and what a trusted managed SASE partner should deliver./business/insights/idc-marketscape-apac-managed-sd-wan-sase-services-2025-2026
Singtel named Frost & Sullivan’s 2025 Singapore Cybersecurity Services Company of the Year — As cyber security becomes an infrastructure priority, Singtel’s integrated model gives businesses a more reliable way to secure and scale their digital operations. Frost & Sullivan’s 2025 report details why this approach earned Singtel the Singapore Cybersecurity Services Company of the Year recognition. Read the full report to learn more./business/insights/frost-and-sullivan-2025-sg-cybersecurity-services-company-of-the-year-report
Industry 5.0: The future of manufacturing in Singapore — Singapore’s manufacturing sector is entering a new era—one that’s intelligent, connected, sustainable and human-centric. Here’s what’s driving the change, and what leaders need to know./business/insights/industry-5-0-the-future-of-manufacturing-in-sg
