
Healthcare providers offered a guide by ENISA for addressing cybersecurity risks, safeguarding data, and enhancing resilience.


The European Union Agency for Cybersecurity (ENISA) has published a comprehensive guide titled 'Cyber Hygiene in the Health Sector' to help healthcare organisations strengthen their digital defenses. The guide offers practical steps for large hospitals, smaller providers like clinics and general practitioners, and individual medical specialists to safeguard sensitive data, reduce exposure to common cyber threats, and strengthen overall resilience.

According to ENISA's Threat Landscape for the health sector, healthcare providers account for 53% of all reported cybersecurity incidents. In light of this, the guide emphasises the importance of identifying and tagging sensitive data according to different sensitivity levels.

To protect wireless networks, the guide recommends adopting the latest encryption standards and isolating guest Wi-Fi from clinical Local Area Networks (LANs). For remote access, it states that Virtual Private Networks (VPNs) with multi-factor authentication are necessary.

The guide also advises implementing multi-factor authentication for systems accessible over the internet, as well as protecting internet-facing systems with a Web Application Firewall combined with a Distributed Denial of Service (DDoS) mitigation service.

Administrative privileges should be carefully managed and monitored, with user access rights regularly reviewed to ensure they remain appropriate for each role. The guide also suggests implementing next-generation firewalls and web application filters for stronger defenses.

Network segmentation is another essential practice outlined in the guide. Health entities are advised to maintain an up-to-date inventory of all Information and Communication Technology (ICT) assets, configure systems securely, apply the principle of least privilege, and implement strong password policies and multi-factor authentication for online systems.

Data should be encrypted both at rest and in transit, and metadata cleaning processes should be implemented. The guide also advises establishing an incident response process with a dedicated team and clear communication channels.
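The controls summarised above (MFA and WAF/DDoS mitigation for internet-facing systems, modern Wi-Fi encryption with guest networks isolated from the clinical LAN, encryption at rest, and regular review of administrative access) lend themselves to an automated check over an asset inventory. The following is an added example, not code from ENISA or the guide; the inventory schema, the choice of WPA3 as the "latest" wireless standard, and the 90-day review interval are assumptions, and the sample inventory is constructed.

```python
from dataclasses import dataclass

@dataclass
class Asset:
    name: str
    kind: str                 # "server", "wifi", "datastore" or "admin-account" (assumed schema)
    segment: str = ""         # network segment / VLAN the asset sits in
    internet_facing: bool = False
    mfa: bool = False
    waf_and_ddos: bool = False
    encryption: str = ""      # Wi-Fi standard or at-rest cipher; "" means none
    days_since_access_review: int = 0

CLINICAL_SEGMENT = "clinical-lan"   # assumed name of the clinical LAN segment
MODERN_WIFI = {"WPA3"}              # assumption: WPA3 is the current standard
REVIEW_INTERVAL_DAYS = 90           # assumed cadence for access-rights review

def audit(assets):
    """Return (asset name, finding) tuples for every control the asset fails."""
    findings = []
    for a in assets:
        if a.internet_facing and not a.mfa:
            findings.append((a.name, "internet-facing system without MFA"))
        if a.internet_facing and not a.waf_and_ddos:
            findings.append((a.name, "internet-facing system without WAF/DDoS mitigation"))
        if a.kind == "wifi":
            if a.encryption not in MODERN_WIFI:
                findings.append((a.name, f"wireless network uses {a.encryption or 'no'} encryption"))
            if "guest" in a.name.lower() and a.segment == CLINICAL_SEGMENT:
                findings.append((a.name, "guest Wi-Fi not isolated from clinical LAN"))
        if a.kind == "datastore" and not a.encryption:
            findings.append((a.name, "data store not encrypted at rest"))
        if a.kind == "admin-account" and a.days_since_access_review > REVIEW_INTERVAL_DAYS:
            findings.append((a.name, f"admin access rights not reviewed within {REVIEW_INTERVAL_DAYS} days"))
    return findings

# Constructed sample inventory; none of these are real systems.
SAMPLE_INVENTORY = [
    Asset("patient-portal", "server", "dmz", internet_facing=True, mfa=False, waf_and_ddos=True),
    Asset("vpn-gateway", "server", "dmz", internet_facing=True, mfa=True, waf_and_ddos=True),
    Asset("Guest-WiFi", "wifi", "clinical-lan", encryption="WPA2"),
    Asset("Clinical-WiFi", "wifi", "clinical-lan", encryption="WPA3"),
    Asset("imaging-archive", "datastore", "clinical-lan", encryption=""),
    Asset("ehr-db", "datastore", "clinical-lan", encryption="AES-256"),
    Asset("domain-admin-jdoe", "admin-account", days_since_access_review=120),
]

if __name__ == "__main__":
    for name, finding in audit(SAMPLE_INVENTORY):
        print(f"{name}: {finding}")
```

Running it against the sample inventory reports five findings; in practice the inventory would be exported from the organisation's asset register rather than embedded in the script.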

The EU has reinforced its intention to prioritise the challenges faced by the healthcare ecosystem, with regulatory developments including the Medical Device Regulation (MDR), the Cyber Resilience Act (CRA), and the European Health Data Space Regulation (EHDS).

The EU Cybersecurity Reserve, funded through the Digital Europe Programme (DEP) under the Cyber Solidarity Act, was established as part of a €36 million agreement with ENISA. The reserve aims to provide rapid support to Member States facing significant cybersecurity incidents.

The health sector is classified among those in the risk zone, with a significant gap between its cybersecurity maturity and its critical importance, according to ENISA's NIS360 report. To address this, the EU Action Plan for the cybersecurity of hospitals and healthcare providers was launched in early 2025.

The Health Sector Cybersecurity Stakeholders Network was established within the framework of the 10th ENISA eHealth Security Conference, in collaboration with ENISA, the Romanian National Cyber Security Directorate, and the European Cyber Security Competence Centre. This network brings together stakeholders from the health sector to exchange insights, share best practices, and discuss the evolving regulatory landscape shaping healthcare cybersecurity.

The ENISA eHealth Security Conference, held in Bucharest, is an annual event that brings together stakeholders from across the sector to discuss the latest developments in healthcare cybersecurity. The conference provides a platform for organisations to learn from each other, share best practices, and stay informed about the evolving regulatory landscape.
