Subscribe to Email Updates

Subscribe

health-ddos

Healthcare's Cybersecurity Radiography: Only One in Six Organizations Can Detect Advanced Threats

By Razvan Muresan on Feb 14, 2019 | 0 Comments

The healthcare sector has to store increasing quantities of personally identifiable and sensitive information, making it one of the most attractive targets for data theft.  However, according to EY’s Global Information Security Survey 2018-2019, the sector’s awareness of cyber risks is growing, and many organizations are determined to put stronger protections in place.

“Progress has been made, but more work is necessary,” the study’s authors say. “The healthcare sector has seen a number of cybersecurity incidents and alerts in recent months. In one incident, the health records of almost 100 million patients worldwide were put at risk by security bugs found in one of the world’s most widely used patient and practice management systems. In another, information such as the full names, dates of birth, insurance information, disability status, and home addresses of 2 million patients in Central America were exposed by a security failure."

“Healthcare data is extremely valuable on the dark web, which makes healthcare organizations attractive to attackers. One in 3 US healthcare organizations have suffered a cyberattack, and 1 in 10 have paid a ransom.”

Half of organizations in the healthcare sector and the government and public sector say they have increased spending on cybersecurity over the past 12 months, while 66% plan to spend more over the next 12 months.

One in six companies in healthcare says that customers’ personal and identifiable information is most valuable to cyber criminals, while 25% say malware has most increased their risk exposure.

Careless or unaware employees are seen by healthcare companies as the vulnerability that has most increased their risk exposure over the past 12 months (cited by 33%).

Only 18% of healthcare companies are very confident that they would detect a sophisticated attack on their organization.

“Importantly, more organizations are now beginning to recognize the broad nature of the threat,” says Richard Watson, EY Asia-Pacific Cybersecurity Leader. “One thing that has changed for the better over the past 12 months, partly because of some of those big cyber attacks we’ve seen at a global level, is a growing realization that security is also about maintaining the continuity of business operations — and not only about the security of data and privacy.”

The survey, conducted in 2018, captures the responses of over 1,400 C-suite leaders and information security and IT executives and managers, representing many of the world’s largest and most recognized global organizations.

Share This Post On

Author: Razvan Muresan

Former business journalist, Razvan is passionate about supporting SMEs into building communities and exchanging knowledge on entrepreneurship. He enjoys having innovative approaches on hot topics and thinks that the massive amount of information that attacks us on a daily basis via TV and internet makes us less informed than we even think. The lack of relevance is the main issue in nowadays environment so he plans to emphasize real news on Bitdefender blogs.