March 7, 2018
By Shane Schick 2 min read

The shift toward digital solutions for managing patient data may be contributing to the increasing volume of security breaches in healthcare, a recent report suggested.

According to the “2018 Thales Data Threat Report,” 70 percent of healthcare organizations around the world have experienced a data breach. The survey, which included responses from approximately 1,200 global security professionals, also found that 55 percent of healthcare companies feel either “extremely” or “very vulnerable” to cyberattacks.

Technology Adoption Drives Up Security Breaches in Healthcare

Like almost every other industry sector, healthcare organizations have been adopting new technologies to boost productivity, cut down costs, improve communication and solve problems. Infosecurity Magazine noted that 93 percent of firms in the Thales study said they are using analytics software to manage big data, hosting data in the cloud or leveraging the Internet of Things (IoT) in some way. Security breaches may be on the rise simply because there are more points of vulnerability for cybercriminals to target.

Medical records often include data that is more valuable that credit card information, ComputerWeekly reported. Although 70 percent of healthcare professionals who responded to the Thales survey said that adhering to regulation and compliance requirements is an “extremely” or “very” effective way to avoid security breaches, it’s obviously not keeping all electronic health records and personal health information safe.

Insider Threats on the Rise

Thales isn’t the only firm taking a closer look at this sector. Verizon’s “2018 Protected Health Information Data Breach Report (PHIDBR)” revealed that nearly 6 in 10 security breaches in healthcare stem from either malicious or negligent employees. Another study from consulting firm Accenture found that nearly a quarter of U.S. healthcare employees know of at least one co-worker who had illegally sold usernames, passwords or other private information to unauthorized outsiders.

While insider threats are common in many other markets, the Verizon report noted that 70 percent of security breaches in healthcare that involved malicious code were ransomware attacks. Ransomware campaigns frequently target unsuspecting users, suggesting a need for increased security awareness and employee education.

 |  |  |  |  |  | 
Shane Schick
Writer & Editor
Shane Schick is a contributor for SecurityIntelligence.

More from

Risk Management   March 24, 2023

New Attack Targets Online Customer Service Channels

An unknown attacker group is targeting customer service agents at gambling and gaming companies with a new malware effort. Known as IceBreaker, the code is capable of stealing passwords and cookies, exfiltrating files, taking screenshots and running custom VBS scripts. While these are fairly standard functions, what sets IceBreaker apart is its infection vector. Malicious actors are leveraging the helpful nature of customer service agents to deliver their payload and drive the infection process. Here’s a look at how IceBreaker…

Threat Research   March 23, 2023

Operational Technology: The evolving threats that might shift regulatory policy

Listen to this podcast on Apple Podcasts, Spotify or wherever you find your favorite audio content. Attacks on Operational Technology (OT) and Industrial Control Systems (ICS) grabbed the headlines more often in 2022 — a direct result of Russia’s invasion of Ukraine sparking a growing willingness on behalf of criminals to target the ICS of critical infrastructure. Conversations about what could happen if these kinds of systems were compromised were once relegated to “what ifs” and disaster movie scripts. But those days are…

Data Protection   March 23, 2023

Cybersecurity 101: What is Attack Surface Management?

There were over 4,100 publicly disclosed data breaches in 2022, exposing about 22 billion records. Criminals can use stolen data for identity theft, financial fraud or to launch ransomware attacks. While these threats loom large on the horizon, attack surface management (ASM) seeks to combat them. ASM is a cybersecurity approach that continuously monitors an organization’s IT infrastructure to identify and remediate potential points of attack. Here’s how it can give your organization an edge. Understanding Attack Surface Management Here…

Data Protection   March 23, 2023

Six Ways to Secure Your Organization on a Smaller Budget

My LinkedIn feed has been filled with connections announcing they have been laid off and are looking for work. While it seems that no industry has been spared from uncertainty, my feed suggests tech has been hit the hardest. Headlines confirm my anecdotal experience. Many companies must now protect their systems from more sophisticated threats with fewer resources — both human and technical. Cobalt’s 2022 The State of Pentesting Report found that 90% of short-staffed teams are struggling to monitor…

© 2023 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature