ENISA is working towards a cyber secure and resilient Health Sector in the EU.
The health sector has been increasingly targeted following the Covid-19 pandemic, which made it even more vulnerable to cyberattacks as EU citizens had to extensively resort to online services, thus expanding the attack surface and giving rise to ransomware and phishing attacks.
Cybersecurity in the health sector has been a priority for ENISA over the years and especially since the outbreak of the Covid-19 pandemic. ENISA has engaged in a substantial range of activities to support the health sector, including the publication of good practices for essential entities in the sector, raising awareness and building cybersecurity capabilities, as well as providing assistance to the Member States for the implementation of NIS provisions.
As such, a dedicated NIS Cooperation Group Workstream on Health was established to provide guidance to the Member States and to monitor the implementation of the NIS provisions. ENISA actively contributes to the workstream’s activities and deliverables. ENISA also engages with the industry, by contributing to the activities of the EU Health ISAC. Moreover, in order to bring the health community together, ENISA organises the annual cybersecurity conference, inviting experts to share their insights on legislative developments and the evolving threat landscape.
In 2023, ENISA released a threat landscape report for health, covering publicly reported cyber incidents from January 2021 to March 2023. According to the analysis, top threats to the health sector include ransomware (54% of attacks), followed by Denial of Service (DDoS) attacks. For 53% of the analysed incidents, healthcare providers, and in particular hospitals, were the most affected. Of the health-related incidents analysed for the ENISA Threat Landscape in 2024, 45% were related to ransomware attacks and 28% were data breaches. Also, as per the significant NIS incidents reported by Member States through ENISA’s Cybersecurity Incident Reporting and Analysis System (CIRAS), health is the most affected sector for four years in a row (2020-2023).
The recent regulatory advancements, including the transposition of NIS2 and the upcoming European Health Data Space (EHDS), have brought cybersecurity in the health sector and the challenges of health data sharing into sharper focus. This was further underscored in the political guidelines for the European Commission 2024-2029, which outline a commitment for the new Commission to create a European action plan aimed at enhancing the cybersecurity of hospitals and healthcare providers.
Given how critical healthcare services are for society, it is important to analyse how secure systems and infrastructures are in order to provide efficient and reliable healthcare services. ENISA will further support the continuous process of strengthening the cybersecurity maturity of the EU's Health Sector.