A ransomware attack on Change Healthcare in 2024 exposed significant third-party risks in the US healthcare ecosystem, prompting urgent attention from entities to mitigate potential threats. The incident highlighted the systemic risk posed by supply chain vulnerabilities, which can have far-reaching consequences for healthcare organizations. As a result, entities must now carefully evaluate and address these risks to prevent similar attacks. According to Erik Decker, CISO of Intermountain Health and a federal cyber adviser, the attack served as a wake-up call for the industry, emphasizing the need for robust risk assessment and management practices1. The healthcare sector's reliance on complex networks and third-party vendors increases its susceptibility to such attacks, making it essential for organizations to prioritize cybersecurity and collaborate to share threat intelligence. This heightened awareness of systemic risk matters to practitioners, as it underscores the importance of proactive measures to safeguard sensitive patient data and prevent disruptions to critical healthcare services.
'Systemic Risk' Stalks Healthcare Sector
⚠️ Critical Alert
Why This Matters
healthcare ecosystem, the 2024 ransomware attack on Change Healthcare proved to be a supply-chain earthquake in showcasing critical third-party risk that entities now must.
References
- Bank Info Security. (2026, March 12). 'Systemic Risk' Stalks Healthcare Sector. Bank Info Security. https://www.bankinfosecurity.com/interviews/systemic-risk-stalks-healthcare-sector-i-5535
Original Source
Bank Info Security
Read original →