December 23, 2016, by Derek Brink

As IBM X-Force Security Research predicted six months ago, a shift in cybercriminals’ focus from the retail industry led to increased risk in the health care sector in the second half of 2016. Unfortunately, empirical data confirmed just how dramatic these trends have been on a year-over-year basis. Let’s review the state of health care security in 2016.

Top Threats to Health Care Security in 2016

The Privacy Rights Clearinghouse publishes a chronology of publicly disclosed data breaches, sorted by type of breach, type of organization, number of records compromised and date of disclosure. Filtered to the health care sector, that chronology shows the total number of disclosed data breaches ballooning from 81 in 2015 to 283 in 2016.

Drilling down into the type of breaches is also enlightening when reviewing the state of health care security in 2016.

Malicious External

External, malicious incidents, which may involve malware infection or other outside cybercriminal activity, increased from 17 instances in 2015 to 121 in 2016. This category includes ransomware, by far the highest-profile threat to hit the health care sector in 2016.

Non-Malicious Internal

Sometimes breaches occur as the result of a pure accident. For example, a user with legitimate access might unintentionally disclose sensitive data, mistakenly post sensitive information publicly, or send a confidential email, fax or physical documents to the wrong party. This type of insider threat increased by a factor of nearly five, from 18 in 2015 to 86 in 2016.

Lost or Stolen Devices

This type of breach occurs when devices holding sensitive data are lost, stolen or improperly discarded. Incidents involving this type of breach increased by about 45 percent, from 27 in 2015 to 39 in 2016. Virtually all of these are mobile or portable devices such as smartphones, laptops, memory sticks, hard drives, backup tapes and so on. Most organizations use encryption to address the risk of data breaches on their endpoints; the control only pays off if it is actually enforced on every laptop and piece of removable media and the decryption key does not travel with the device, which is why these incidents still show up in the chronology.

Physical Loss

Incidents in which paper documents were physically lost, discarded or stolen increased by about 2.7 times, from 12 in 2015 to 32 in 2016. This is a good reminder that the scope of information security actually encompasses data in all forms, electronic or not.

Malicious Internal

There was one bright spot in the year-over-year trends, according to the report. Internal breaches stemming from malicious users with legitimate access, such as employees, contractors, business partners and customers, decreased from 11 in 2014 and seven in 2015 to just five in 2016. While the insider threat is still a serious concern, and these are the incidents most likely to go undetected, the data showed that it accounted for a relatively small share of disclosed health care breaches.
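The year-over-year figures above come from tallying the chronology by year, organization type and breach-type code. The following script is an added example, not part of the original article or of the Privacy Rights Clearinghouse's own tooling; it assumes the CSV column names (`Date Made Public`, `Type of breach`, `Type of organization`) and the breach-type codes (`HACK`, `DISC`, `PORT`, `STAT`, `PHYS`, `INSD`, with `MED` for health care organizations) used in that export, and the sample rows are constructed for illustration.

```python
import csv
import io
from collections import Counter

# Constructed sample rows in the layout of the Privacy Rights Clearinghouse
# CSV export. Column names and type codes are assumptions about that export,
# not figures taken from the article.
SAMPLE_CSV = """Date Made Public,Company,Type of breach,Type of organization,Total Records
2015-03-04,Clinic A,HACK,MED,12000
2015-07-19,Hospital B,DISC,MED,300
2015-11-02,Retailer C,HACK,BSR,50000
2016-01-15,Hospital D,HACK,MED,9000
2016-02-27,Practice E,PORT,MED,2500
2016-05-30,Hospital F,DISC,MED,40
2016-06-12,Lab G,PHYS,MED,600
2016-08-08,Hospital H,INSD,MED,110
2016-10-21,Insurer I,HACK,MED,unknown
"""

# Map the chronology's breach-type codes onto the five categories used above.
CATEGORY = {
    "HACK": "Malicious External",
    "DISC": "Non-Malicious Internal",
    "PORT": "Lost or Stolen Devices",
    "STAT": "Lost or Stolen Devices",  # stolen stationary equipment, counted with devices
    "PHYS": "Physical Loss",
    "INSD": "Malicious Internal",
}


def breaches_by_year_and_category(csv_text, org_type="MED"):
    """Count disclosed breaches per (year, category) for one organization type.

    Rows whose breach code is not in CATEGORY (e.g. CARD, UNKN) are kept under
    'Other' so that nothing silently drops out of the yearly totals.
    """
    counts = Counter()
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["Type of organization"] != org_type:
            continue
        year = row["Date Made Public"][:4]
        category = CATEGORY.get(row["Type of breach"], "Other")
        counts[(year, category)] += 1
    return counts


def total_for_year(counts, year):
    """Sum every category for one year."""
    return sum(n for (y, _), n in counts.items() if y == year)


def year_over_year(counts, category, prev_year, year):
    """Return (previous, current, ratio); ratio is None when previous is zero,
    since a jump from zero has no meaningful multiplier."""
    prev = counts[(prev_year, category)]
    curr = counts[(year, category)]
    ratio = None if prev == 0 else curr / prev
    return prev, curr, ratio


if __name__ == "__main__":
    counts = breaches_by_year_and_category(SAMPLE_CSV)
    for year in ("2015", "2016"):
        print(year, "total:", total_for_year(counts, year))
    for category in sorted(set(CATEGORY.values())):
        prev, curr, ratio = year_over_year(counts, category, "2015", "2016")
        print(f"{category}: {prev} -> {curr}", "" if ratio is None else f"({ratio:.1f}x)")
```

Pointing the script at the full export rather than the sample rows reproduces the per-category comparison the article draws, and the `Other` bucket makes visible any rows whose codes do not fit the five categories.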

Looking Back, Looking Ahead

Why did the cyberthreat landscape shift to the health care sector? Cybercriminals have the motive, since health care data is both valuable and long lasting, and the opportunity. They can exploit the widespread use of legacy systems and medical devices with weak security, a fragmented workforce that rightly puts patient care first and security well behind it, and the pressing need for immediate access to patient records, which discourages controls that slow clinicians down. These factors make health care an extremely attractive target.

The prescription for health care security in 2017 and beyond? Recognize the fundamental problem as a business issue, not a technology issue. Understand the risks, decide how much risk is acceptable and invest in a more mature set of capabilities for reducing risk to an acceptable level.

Listen to the podcast: Data Security Insights from a Health Care Insider
