ENISA report: cyber attacks up by 47% in health sector

By Reporter
12 November 2021 | 1 minute read

The European Union Agency for Cybersecurity (ENISA) has reported that it received a total of 742 reports about cyber security incidents in 2020 that significantly impacted critical sectors under the Directive on security of network and information systems (NIS Directive), with the data revealing the health sector was the hardest hit, with an increase of 47% of such incidents compared to the previous year.

The key findings of the ENISA report indicate that a lack of sector-specific knowledge or capacity among national computer security incident response teams (CSIRTs), further analysis of lessons learned from past incidents, and the implementation of the NIS Directive appear to be the main drivers of the creation of sector-specific incident response capabilities in the health sector.

The study further revealed a lack of security culture among operators of essential services (OES), with vulnerabilities arising from the high turnaround and obsolescence of healthcare equipment, including hardware and digital devices that usually have a lifetime of 15 years on average. The complexity of systems increases the number of connected devices, leading to an extension of the potential attack surface.


Emerging technologies such as the Internet of Things (IoT), artificial intelligence (AI), big data and cloud computing, along with the multiplicity of connected devices, have contributed to the steady rise in cyber threats. It is the role of CSIRTs to develop the capabilities needed to address such issues and implement the provisions of the NIS Directive.

The ENISA report also assessed the services developed and currently used by CSIRTs across the member states, analysed the trends in relation to sector-specific CSIRTs and issued recommendations to strengthen the incident response capabilities (IRC) in the health sector.

In an environment where specialised support is needed to develop incident response activities, the sectoral health CSIRTs remain inadequate.


Based on the report findings, ENISA recommendations are as follows:

  • Enhance and facilitate the creation of health sector CSIRTs by allowing easy access to funding, promoting capacity building activities, etc.
  • Capitalise on the expertise of the health CSIRTs to help OES develop their incident response capabilities by establishing sector-specific regulations, cooperation agreements, communication channels with OES, public-private partnerships, etc.
  • Empower health CSIRTs to develop information sharing activities using threat intelligence, exchange of good practices and lessons learned, etc.

In light of the recent data published by ENISA, EU cyber security networks have met to address cyber incident matters such as technical and operational crisis management at the 15th CSIRTs Network meeting and 5th CyCLONe Officers meeting.

While the CSIRT Network engages in information sharing and cooperation between member states at the technical level, the EU CyCLONe provides situational awareness among competent authorities acting at the operational level.

ENISA coordinates the secretariats for these networks, providing dedicated tools and expertise and the technical infrastructures needed for further development.

The agency acts as a facilitator between the cyber networks, which include decision-makers responsible for crisis management. 

The ENISA report is a telling look into the critical infrastructure changes that urgently need to be made due to the damaging consequences that can potentially affect the entire health supply chain for all stakeholders.
