[sonaar_audioplayer albums=”245278″ progress_bar_style=”default” wave_bar_width=”1″ wave_bar_gap=”1″ player_layout=”skin_boxed_tracklist” show_track_market=”true”][/sonaar_audioplayer]
The healthcare sector is one of the worst hit in the Middle East when it comes to cyberattacks. Therefore, the UAE is taking cognizance and coming up with a new set of regulations and policies that are way more stringent than before.
The sensitive nature of the healthcare sector makes it mandatory for the Middle East governments to bring out a stern regulatory approach. The data includes sensitive information such as financial transactions and health records which make it crucial for authorities to protect it by all means.
The healthcare sector is currently a top pick among ransomware groups. It is literally impossible for healthcare centers to afford the downtime and postpone critical operations for long. Because of the sensitive nature of the healthcare industry, hospitals and medical facility centers are more likely to oblige to the ransom demands. Apart from that, medical data is considered to be one of the priciest commodities in the black market. It is ten times more expensive than financial data.
What’s more concerning is that around 72% of the top-rated hospitals across UAE and Saudi Arabia have not yet implemented basic cybersecurity systems such as email authentication through the DMARC (Domain-based Message Authentication, Reporting and Conformance) protocol.
Abu Dhabi’s unique approach
Recently, Abu Dhabi released the second version of the Abu Dhabi Healthcare Information and Cyber Security (ADHICS) strategy. This contains detailed instructions to be followed by every healthcare facility, medical device manufacturer, insurance company, and other related organizations. The strategies are designed to protect sensitive details and information at all costs. Cybersecurity experts believe that ADHICS is a major step towards safeguarding the healthcare sector from cyber criminals and their sophisticated attacks.
The ADHICS strategy is designed to enable hospitals and other medical centers to embrace cybersecurity. The second version of ADHICS revolves around the six foundational pillars of cybersecurity: Governance, Resilience, Maturity, Innovation, Capabilities, and Delivery. The implementation document emphasizes the critical significance of the healthcare industry and believes that a lack of cybersecurity can end up hampering care delivery.
ADHICS not only focuses on IT but also takes care of technology, processes, and people who are closely intertwined with the healthcare sector. One of the major goals of this revamped cybersecurity strategy is to help the employees understand the cyber risks and deploy security systems in their everyday operations. The core idea is to prevent any kind of cyber mishap and eliminate any kind of delay that may happen because of a lack of knowledge.
Lessons to draw from the Abu Dhabi model
ADHICS is aligned with Abu Dhabi’s cybersecurity requirements. Other emirates may or may not follow the same strategies to safeguard their healthcare centers. However, the Abu Dhabi model can be used to set a great precedent for other emirates to follow. Every emirate is currently working on developing its own cybersecurity guidelines to keep cyber threats at bay.
GCC, or Gulf Cooperative Counci,l has been extra vigilant about cyber threats, given the sudden surge in threat attacks over the past few years. Certain industries are working closely with governments across the Middle East to come up with stringent regulations and norms.
In a recent study, Microsoft found out that a ransomware incident on a single hospital may lead to a chain effect, thereby creating ripples across other nearby and related medical centers. A single ransomware attack can delay medical services‘ arrival time. It can increase the waiting time by upto 48%. The data matches completely with what CISA (Cybersecurity and Infrastructure Security Agency) concluded back in 2021.
The significance of cybersecurity compliance for healthcare organizations
Cybersecurity compliance ensures that healthcare centers meet legal and regulatory requirements designed to protect patient data, digital assets, and organizational infrastructure. It goes beyond merely avoiding penalties—compliance fosters credibility and trust in an increasingly vulnerable digital landscape.
With the growing threat of cyberattacks, including phishing attempts, robust phishing protection measures are essential to safeguard sensitive information and maintain the integrity of healthcare systems.
Because of its rapid digital transformation, the Middle East is struggling to secure its crucial infrastructures from cyber threats. Compliance across the health sector at least ensures a greater sense of protection by adding an extra layer of security.
By complying with ADHICS and other similar cybersecurity regulations, healthcare centers across the Middle East can:
- Minimize the extent of damage that is caused by cyberattacks.
- Prevent instances of data breaches and consequent medical emergencies and delays.
- Establish a sense of credibility in the healthcare sector
Such regulations and norms are the need of the hour, especially across multiple sectors that are of critical significance for any nation. Other countries, too, should follow in the footsteps of the Middle East and work dedicatedly on developing strict policies to minimize cyber threats across the healthcare sector. Doing this not only secures the overall health infrastructure against cyber attacks but also brings peace of mind to the patients who are already distressed because of their ill health.