The future of the healthcare industry will be shaped by a range of disruptive themes, with cybersecurity being one of the themes that will have a significant impact on healthcare companies.A detailed analysis of the theme, insights into the leading companies, and their thematic and valuation scorecards are included in GlobalData’s thematic research report,Cybersecurity in Healthcare – Thematic Research.  Buy the report here.

Cyberattacks are especially dangerous to healthcare, given the sensitive and personal nature of health data. Weak cybersecurity measures expose companies to serious risk. Victim companies suffer operationally, as systems are rendered unusable; reputationally, as customers lose trust; and legally, as ever-stricter regulators seek to punish. Pharma companies have proprietary scientific data and intellectual property, medical devices companies develop connected devices, and healthcare companies collect and utilise patient data. Breaches in healthcare and pharma cost more than those in almost any other industry.


In response to this threat, healthcare cybersecurity investment is growing. Between 2020 and 2025, cybersecurity spending by healthcare providers and payors is forecast to grow at a compound annual growth rate (CAGR) of 8.1%. In the same period, cybersecurity spending by pharma will grow at a slightly lower rate, 7.4%. Medical device spending will grow at a rate of 7.3%.

However, not all companies are equal when it comes to their capabilities and investments in the key themes that matter most to their industry. Understanding how companies are positioned and ranked in the most important themes can be a key leading indicator of their future earnings potential and relative competitive position.

According to GlobalData’s thematic research report, Cybersecurity in Healthcare, leading adopters include: Abbott, AstraZeneca, Battelle, Cardinal Health, Centene, Johnson & Johnson, Novartis, and Pfizer.

Insights from top ranked companies


As well as standard, comprehensive cybersecurity measures, AstraZeneca aims to tackle cybercrime by supporting enforcement measures against the selling of counterfeit drugs. Stolen information is often used to make and sell counterfeit products; it claims that 700,000 deaths from malaria and tuberculosis alone are due to counterfeit drugs. AstraZeneca also accused Russia and North Korea of attempting to steal information on its Covid-19 vaccine.


Pfizer’s cybersecurity approach involves maintaining a global security policy, staff awareness training, asset discovery, and management and organisation. Pfizer also reported increased attacks during Covid-19 vaccine development.


Novartis used Cohesity for data management, which offers cybersecurity and ransomware recovery measures. Novartis suffered a cyberattack by Industrial Spy in June 2022 but did not lose any sensitive data.

To further understand the key themes and technologies disrupting the healthcare industry, access GlobalData’s latest thematic research report on Cybersecurity in Healthcare.

  • Bayer
  • Lilly
  • AbbVie
  • Novo Nordisk
  • Amgen
  • Gilead Sciences
  • Biogen
  • Merck
  • Boehringer Sohn
  • Astellas Pharma
  • Thermo Fisher Scientific
  • UCB
  • Catalent
  • Daiichi Sankyo
  • Parexel
  • Regeneron
  • Teva
  • CSL
  • Otsuka
  • Vertex
  • Seagen
  • Lonza
  • Dr. Reddy's
  • Viatris
  • WuXi AppTec
  • Charles River
  • Innovent Biologics
  • Cipla
  • Lupin

Premium Insights


The gold standard of business intelligence.

Blending expert knowledge with cutting-edge technology, GlobalData’s unrivalled proprietary data will enable you to decode what’s happening in your market. You can make better informed decisions and gain a future-proof advantage over your competitors.

Frequently asked questions

  • 1. Why are Healthcare companies investing in cybersecurity?

    Healthcare companies are investing in cybersecurity to protect sensitive data and critical services from cyberattacks. The healthcare industry deals with proprietary scientific data, intellectual property, and patient data, making it vulnerable to cyber threats. Cybersecurity investment helps companies to prevent operational disruptions, maintain customer trust, and comply with regulatory requirements.

  • 2. How do cyberattacks impact the Healthcare industry?

    Cyberattacks can have severe consequences for the healthcare industry. They can render systems unusable, damage reputation, and lead to legal penalties. Healthcare companies are particularly vulnerable to cyberattacks due to the sensitive nature of the data they handle. Breaches in healthcare and pharma cost more than those in almost any other industry.

  • 3. Which Healthcare companies are leaders in cybersecurity adoption?

    Some of the leading adopters of cybersecurity in the healthcare industry include Pfizer, Novartis, Abbott, and Battelle. These companies have established comprehensive cybersecurity measures and have invested in product cybersecurity multifunctional groups, cybersecurity medical advisory boards, and relationships with third-party cybersecurity specialists.

  • 4. Who are the leading vendors of cybersecurity to the Healthcare industry?

    The leading vendors of cybersecurity to the healthcare industry include Arm, Intel, Apple, Samsung Electronics, Synopsys, Broadcom, One Identity, Apple Last Pass, Megvii, Zscaler, Cisco, Netskope, Fortinet, CrowdStrike, VMware, Microsoft, Splunk, Exabeam, Trend Micro, Palo Alto Networks, Sentinel One, Proofpoint, Check Point Software, IBM, Mimecast, Barracuda, Veracode, Micro Focus, Sophos, WatchGuard, Atos, Imprivata, and Hashed Health.

  • 5. How does increased investment in cybersecurity benefit Healthcare companies?

    Increased investment in cybersecurity helps healthcare companies to prevent cyberattacks, protect sensitive data, and maintain customer trust. It also helps companies to comply with regulatory requirements and avoid legal penalties. Cybersecurity investment can also improve operational efficiency and reduce the cost of suffered breaches.

  • 6. What are the challenges with adoption of cybersecurity in Healthcare?

    The challenges with adoption of cybersecurity in healthcare include the high cost of implementation, lack of in-house expertise, and the complexity of the healthcare ecosystem. Healthcare companies must cover all components of the cybersecurity value chain, including chips, identity procedures, networks, endpoints, cloud presence, data, email, and applications. Appropriate vulnerability management, threat detection, and threat response must be established.

  • 7. What is the projected market size of cybersecurity in Healthcare?

    Between 2020 and 2025, GlobalData predicts cybersecurity spending by healthcare providers and payors is forecast to grow at a compound annual growth rate (CAGR) of 8.1%. In the same period, cybersecurity spending by pharma will grow at a slightly lower rate, 7.4%. Medical device spending will grow at a rate of 7.3%.

  • 8. Who are the leading specialist cybersecurity vendors in Healthcare?

    The leading specialist cybersecurity vendors in healthcare include IBM, NTT Data, KPMG, Cisco, Verizon, BAE Systems, Secureworks, PwC, AT&T, Accenture, CrowdStrike, Sophos, Thales, China Telecom, China Unicom, Infosys, Tata Consultancy Services, DXC Technology, Telstra, Herjavec Group, and Trellix.

  • 9. What are the components of the cybersecurity value chain?

    GlobalData’s cybersecurity value chain consists of three main areas: hardware, software, and services.


GlobalData, the leading provider of industry intelligence, provided the underlying data, research, and analysis used to produce this article.

GlobalData’s Thematic Scorecard ranks companies within a sector based on their overall leadership in the 10 themes that matter most to their industry, generating a leading indicator of their future earnings and relative position within key strategic areas.