The healthcare industry has long been a top target for cybercriminals. According to a 2016 study from the Ponemon Institute, 89 percent of healthcare organizations have experienced a data security breach resulting in the loss or theft of patient information.

More importantly, the cost of a data breach for healthcare is more expensive than any other vertical — and the volume of breaches is expected to increase. For example, the rate of ransomware attacks against healthcare organizations is projected to quadruple between 2017 and 2020.

So, what’s causing this massive uptick in attacks?

More Data, More Problems for Healthcare Organizations

Data proliferation is one major culprit. According to the International Data Corporation (IDC), 60 percent of healthcare applications will collect real-time location data and clinical Internet of Things (IoT) device information by 2019. What’s more, more than 40 percent of healthcare organizations around the world will use IoT-enabled biosensors in the next two years.

Another factor is low cybersecurity spend. Healthcare organizations allocate less than 6 percent of their IT budget for security, according to 2017 research from Symantec and HIMSS Analytics, which is well below the industry average.

The sheer value of healthcare data is also driving the surge in attacks against the sector. According to the FBI, electronic health records are far more valuable to cybercriminals than financial information, Reuters reported.

A Data Security Breach Has Major Consequences

Given all these factors, the impact of this skyrocketing attack volume is far-reaching across healthcare organizations and the industry overall. For example, 49 percent of healthcare executives said cybersecurity challenges create potential roadblocks when it comes to mergers and acquisitions (M&A).

The most obvious consequence of a data security breach is the cost burden. According to the Ponemon Institute’s 2017 Cost of Data Breach Study, the average compromised healthcare record costs organizations $380 — that’s three times the global average across industries. In the U.S., organizations can face steep fines for violating the Health Insurance Portability and Accountability Act (HIPAA). While the $19 million in such fines reported by the Office of Civil Rights was down slightly in 2017 from the previous year, this is still more than three times what healthcare companies paid out in 2015, according to the Telebehavioral Health Institute.

In addition to the financial cost, a healthcare data breach can negatively impact an organization’s reputation. This is particularly worrisome since more than half of patients said they would change their healthcare provider following a breach, according to a 2015 survey from TransUnion Healthcare.

Strengthening the Security Immune System

Given the healthcare industry’s vulnerability and the dire consequences of a data breach, it’s no surprise that cybersecurity spending is forecast to exceed $65 billion over the next five years, according to a 2017 report from Cybersecurity Ventures.

Data proliferation has resulted in a staggering number of false positives and logs. This requires the use of artificial intelligence (AI) to respond to attacks in real time. The security immune system strategy offers a fully integrated approach to safeguarding your business and its IT environment.

The system is centered around an AI-powered core of security orchestration and analytics tools that continuously process the many risk variables across the entire ecosystem of connected capabilities. This powerful integration helps increase visibility into hidden risks that human analysts might otherwise miss.

Is your organization prepared to withstand a data breach? Join a complimentary on-demand HIMSS webinar to learn more.

Watch the on-demand webinar: Healthcare Cognitive Security

More from Healthcare

Cost of a data breach 2023: Healthcare industry impacts

3 min read - Data breaches are becoming more costly across all industries, with healthcare in the lead. The 2023 Cost of a Data Breach Report analyzes data collected from March 2022 to March 2023. Healthcare remains a top target for online criminal groups. These data breach costs are the highest of any industry and have increased for the 13th consecutive year. Healthcare is a highly regulated industry that the U.S. government considers critical infrastructure. As such, recent federal privacy standards, security standards and…

Cyberattackers target the Latin American health care sector

3 min read - Cyberattacks on the healthcare sector are a growing threat in Latin America, and the large amount of confidential data these organizations handle makes these attacks a top concern. The value of healthcare data in the illegal market, such as the personal, medical and financial information of patients and healthcare companies, creates an appealing target for threat actors. This can have serious consequences for the privacy and information security of these organizations. Cyberattacks could lead to reputational risks, interruption of operations,…

Increasingly sophisticated cyberattacks target healthcare

4 min read - It’s rare to see 100% agreement on a survey. But Porter Research found consensus from business leaders across the provider, payer and pharmaceutical/life sciences industries. Every single person agreed that “growing hacker sophistication” is the primary driver behind the increase in ransomware attacks. In response to the findings, the American Hospital Association told Porter Research, “Not only are cyber criminals more organized than they were in the past, but they are often more skilled and sophisticated.” Although not unanimous, the…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today