The Cybersecurity in Healthcare Market, 2018-2030′ report features an extensive study of the current landscape and future outlook of the growing market of cybersecurity within the healthcare industry. The focus of this study is on the cybersecurity products / solutions and services that are currently available for protecting internet connected devices against cybercriminals, and the likely evolution of novel technologies / platforms in the mid to long term. Backed by funding from several venture capital firms and strategic investors, this evolving market has its hopes pinned on the efforts of multiple start-ups.
The digital revolution has transformed the way businesses operate across the globe. However, digitally stored information is prone to hacking and manipulation by cyber criminals. The concern is validated by the fact that more than 5.1 million records are compromised due to data breaches every day. In 2016, close to 1,800 incidents of data breaches were reported across all the industries; in total, almost 1.4 billion data records were lost or stolen. The year 2017 also witnessed several cyberattacks; notable examples include WannaCry and NotPetya ransomware attacks, Equifax data breach, MongoDB databases leak, Elasticsearch server hack, Cloudbleed security bug, Zomato hack, HBO hack / Game of Thrones leaks, Uber data breach, and Ethereum hack.
The healthcare industry has been amongst the prime targets for hackers over the last several years. The Ponemon Institute’s Fifth Annual Study reported that cyberattacks in healthcare have increased by a factor of 125% since 2010. In the first half of 2017, the healthcare industry had been compromised a number of times, having experienced a total of 228 data breaches, representing 25% of the total number of breaches worldwide. Across these instances, around 31 million records were compromised, stolen or lost, representing an increase of 423% as compared to the first six months of 2016.
In addition, according to a report published in May 2016, it is estimated that, with each electronic health record (EHR) costing around USD 355 in the black market, healthcare data breaches have resulted in losses worth USD 6.2 billion per year to the US healthcare industry.
Examples of organizations that have recently been the victims of cyberattacks / security incidents include (in alphabetical order) Abbott / St. Jude Medical, Anthem BlueCross BlueShield, Bayer, Bupa Global Health Insurance, Bronx Lebanon Hospital Center, HealthNow Networks, Johnson & Johnson, Med Center Health, Merck, National Health System (NHS), Pacific Alliance Medical Center, Patient Home Monitoring, and Smiths Medical.
In order to overcome these challenges, various cybersecurity solution providers have started to specifically focus on healthcare. Along with the presence of big companies, the entry of several start-ups is driving the innovation in this domain. Contrary to the expectation, capital spending on cybersecurity in the healthcare industry is far less compared to some other industries. In addition, the scarcity of skilled cybersecurity professionals capable of catering to the complex regulatory demands in the healthcare industry is making it even more difficult for the successful implementation of cybersecurity policies across this field.
Amongst other elements, the report features:
A detailed assessment of the current market landscape of cybersecurity within the healthcare domain, providing information on cybersecurity core products / solutions, threat intelligence solutions, information on different threat types, security elements and modes of deployment.
Detailed profiles of some of the emerging players in the industry, highlighting the current focus of the companies, capital raised, and details on their specific cybersecurity products / solutions and services. The profiles also have a section on recent developments, highlighting the achievements, partnerships / collaborations, and the likely strategies that may be adopted by these players to fuel growth in the foreseen future.
A comprehensive benchmark analysis, highlighting key focus areas of mid to large sized companies, thereby, providing a means to compare the existing capabilities within respective peer groups and help industry stakeholders identify ways to achieve a competitive edge over contemporary players. In addition, we have provided detailed profiles of some of the established players within each peer group.
An analysis of investments made at various stages of product development; these include seed financing, venture capital financing, debt financing and grants / awards received by the companies that are focused in this area.
An elaborate valuation analysis of companies that are involved in providing cybersecurity products / solutions / services to the healthcare industry; for the purpose of this analysis, we focused on companies that have been established over the last 5-6 years.
An overview of how artificial intelligence (AI), machine learning and deep learning techniques can augment cybersecurity, once integrated. In addition, we have outlined a detailed assessment of the current market landscape of AI-based cybersecurity, and provided high-level insights on the market competitiveness within this domain.
A case study on cybersecurity use cases within the healthcare industry, highlighting some of the notable healthcare data breaches and security incidents that have happened in 2017. In addition, we have briefly outlined some of the recently reported medical device hacks / security vulnerabilities that led to the recalling of these devices.
One of the key objectives of the report was to understand the primary growth drivers and estimate the future size of the market. Based on various parameters, such as number of healthcare data breaches, number of records compromised, expected pricing of the stolen medical records and spending trends on cybersecurity in the healthcare industry, we have provided an informed estimate on the likely evolution of the market in the long term, for the period 2018-2030. To account for the uncertainties associated with the number of data breaches, and to add robustness to our model, we have provided three forecast scenarios, portraying the conservative, base and optimistic tracks of the market’s evolution.
Close to 400 stakeholders currently offer a variety of products / solutions / services to healthcare organizations. Of these, over 80% companies provide core products / solutions (such as identity access management and intrusion prevention) to enhance information security. In addition, about 56% of the companies provide threat intelligence solutions to organizations in the healthcare organizations including hospitals, pharmaceutical / biotechnology companies and medical device manufacturers.
At present, the market is highly fragmented and is a mix of large enterprises, mid-size companies and start-ups. Majority of the large-sized companies (total 72) have three types of offerings (core products / solutions, threat intelligence solutions and services). In fact, for some of the companies in this category, cybersecurity is one of the many focus areas. Examples include (in alphabetical order, no selection criteria) AECOM, Cisco, Fortinet, IBM, Juniper Networks, Level 3, McAfee, Microsoft, NETSCOUT, Secure Works, SonicWall, Symantec and VMware.
Similarly, there are close to 100 mid-sized companies that are providing cybersecurity solutions / services to players in the healthcare domain. Examples include (in alphabetical order, no selection criteria) Absolute Software, Arbor Networks, Auth0, BeyondTrust, Black Duck Software, CipherCloud, Cybereason, Infoblox, Malwarebytes, Netskope, ThreatMetrix, LogRhythm, SentinelOne, Skyhigh Networks and Zerto.
In addition, several start-ups (close to 200) are offering innovative solutions / products / services. Venture capitalists have strongly supported innovation in this domain; around USD 2.5 billion has been invested in this industry since 2012 across around 180 instances of funding. Some of the companies that have raised capital multiple times since 2012 include (in alphabetical order, no selection criteria) Auth0, Cybereason, Cylance, Darktrac, Fortscale, ProtectWise, Rubicon Labs, SentinelOne, Skyhigh Networks, SnoopWall, Sqrrl and Synack.
Our proprietary valuation analysis reveals that, of the 64 start-ups that were evaluated, 20 companies are estimated to have a valuation between USD 100 million and USD 1,000 million. Examples of such companies include (in alphabetical order, no selection criteria) Anomali, Area 1 Security, Bitglass, Exabeam, Silent Circle, Sqrrl, Synack, Tempered Networks, Threat Stack, UpGuard and ZeroFOX. Specifically, there are two companies that are estimated to have a billion-dollar valuation.
Given the increasing number of cyberattacks in the healthcare industry, and the fact that the volume of digital data / records will steadily increase in the future, we estimate the overall cybersecurity market specific to the healthcare industry to grow at an annualized rate of about 14%. Since a significant proportion of electronic / digital data is located in the US, we believe that this region currently accounts for over 60% of the market’s share; this is followed by Europe with over 20% share. Over time, due to the adoption of digital solutions in highly populated countries, such as India and China, the market in Asia-Pacific is expected grow at a relatively higher rate.
Intrusion (hacking / ransomware) attacks, accounting for over 50% of the market, are the primary concern in the healthcare industry. In fact, the share of these breaches is estimated to grow to about 70% by 2030.
In terms of type of security, products / solutions for application security and network security are the most popular; these occupy about 50% of the current market. Due to the increasing prevalence of cloud based solutions, the market for cloud security is likely to register a relatively higher growth and occupy around 25% of the overall share by 2030.
21st Century Oncology
83North (formerly Greylock IL)
Access Venture Partners
Adams Street Partners
ADT Cybersecurity (formerly DATASHIELD)
Aesthetic Dentistry, New York, US
Alsop Louie Partners
Alvarado Hospital Medical Center
AME Cloud Ventures
America One Technologies
Area 1 Security
Argus Cyber Security
Arkansas Oral & Facial Surgery Center
Arsenal Venture Partners
Aruba (a Hewlett Packard Enterprise company)
Ascent Venture Partners
Athens Orthopedic Clinic
Augusta University Medical Center
Avata Intelligence (formerly Armorway)
AxonAI (formerly AXON Ghost Sentinel)
Bain Capital Ventures
Benhamou Global Ventures (BGV)
Bessemer Venture Partners
Black Duck Software
Black Sheep Capital
Blackstone Tactical Opportunities Fund
Blu Venture Investors
Blue Coat Systems
Bon Secours Health System
Booz Allen Hamilton
Bronx-Lebanon Hospital Center
Buckhead Investment Partners
Built in LA
California Correctional Health Care Services
Capital One Growth Ventures
CapitalG (formerly Google Capital)
Category 5 Consulting
Center of Innovative Technology
Central Ohio Urology Group
Charles River Ventures
Check Point Software Technologies
Chino Valley Medical Center
CITIC Telecom CPC
Clear Venture Partners
Cleveland Medical Associates
Commonwealth Health Corporation
Community Health Plan of Washington
Community Mercy Health Partners
Computer Science and Artificial Intelligence Laboratory, Massachusetts Institute of Technology (MIT CSAIL)