Stolen medical records are worth 10 times more than credit card data. That’s because they contain a wealth of information needed to commit fraud, including the filing of false tax returns, obtaining credit, acquiring illegal prescription drugs, making false Medicare/Medicaid claims and committing medical identity fraud.

In fact, 91 percent of health care organizations have suffered a breach that lost patient data in the last 24 months, and 40 percent experienced more than five breaches. These firms are also increasingly targeted for ransomware attacks that can have a devastating impact on operations.

Health Care Needs a Security Immune System

Why does this matter now? The health care industry has become increasingly competitive. Customer acquisition and retention are now critical for success, and patients now have more choices in selecting a provider and health care plan.

The Ponemon Institute’s “2015 Cost of Data Breach Study” revealed that health care has the highest increase in customer loss rates after a breach at 6.1 percent, or three times the rate of retail. Patients are voting with their feet when breaches occur.

Health care as an industry has also traditionally underinvested in security at an average of 3 to 4 percent of IT budget versus a range of 3 to 14 percent in all industries. With new delivery channels including cloud and mobile, new regulations, new sources of information via medical and wearable devices and the use of cognitive computing, information has become much more pervasive, porous and shared. That makes it more difficult to secure.

According to IDC, 65 percent of consumer transactions with health care organizations will be mobile by 2018, requiring health care organizations to develop omnichannel strategies. Additionally, 80 percent of companies in the health care industry will look to leverage the cloud in some way by 2020.

Watch the on-demand webinar: Improving Health Care’s Immunity to Security Threats

Creating a Multilayered Approach

What does this all mean for a health care organization? It means taking a new approach to cybersecurity by creating a security immune system.

Security controls and practices must be designed according to an integrated, multilayered approach. Effective cybersecurity needs to be set up like the body’s immune system: a system of capabilities that work together to protect the entire organism regardless of where the threat is coming from.

The human immune system relies on layers of protection to create a barrier to disease, detect invaders when they get through and then ultimately respond to eliminate the threat. The same can be said for an effective security system, which brings together capabilities to prevent, detect and respond to threats in a continuous, coordinated fashion. It requires:

  • Integrated intelligence: Correlate and analyze siloed information from hundreds of sources to automatically detect and respond to threats.
  • Integrated protection: Enhance security with solutions that interact across domains to provide cohesive, easy-to-manage protection.
  • Integrated research: Incorporate the latest information on vulnerabilities, exploits and malware into intelligent security solutions across domains.
  • Integrated infrastructure: Security is not complete unless you take advantage of a secure infrastructure.
  • Integrated incident response (IR): Firms must not only anticipate incidents, but they must also plan for them. As incident responders know all too well, solid IR begins long before an event and continues long after an incident is resolved. It’s a continuous cycle of preparation, assessment, management and mitigation.

Applying the Right Capabilities

There is a logic to all these capabilities, which fall into major security domains: data, applications, network, endpoint, mobile, advanced fraud and identity and access. Security intelligence is the brain, the central nervous system that aggregates and integrates the data and infuses analytics, cognitive learning and machine learning into domains to make them stronger. It also taps into the expertise of the team.

Think of these as domains of capabilities. Each domain has a maturity, and with the use of analytics, each can start to become truly secure. It is critically important that capabilities work together. This doesn’t mean they all have to come from one vendor, but the cybercriminals will find the spaces between the domains. The gaps are how attackers get through.

At IBM, we think seeing is believing. Watch our on-demand webinar “Improving Health Care’s Immunity to Security Threats” to learn more about our approach to security and see how a security immune system can help protect your organization.

More from Healthcare

Reporting Healthcare Cyber Incidents Under New CIRCIA Rules

Numerous high-profile cybersecurity events in recent years, such as the Colonial Pipeline and SolarWinds attacks, spurred the US government to implement new legislation. In response to the growing threat, President Biden signed the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) in March 2022.While the law has passed, many healthcare organizations remain uncertain about how it will directly affect them. If your organization has questions about what steps to take and what the law means for your processes,…

Healthcare Breaches Costliest for 12 Years Running, Hit New $10.1M Record High

IBM Security and the Ponemon institute release an annual report known as one the most significant industry benchmarks. The Cost of a Data Breach analysis examines real-world breaches in great detail, producing insights into the factors that impact the cost of cyber-attacks. In the 2022 report just released, the healthcare sector stands out for extremely high breach costs on the global average chart. Furthermore, the sector has kept its leading position in that respect for the 12th year in a…

Incident Response for Health Care IT: Differences and Drivers

Threat actors continue to target the health care industry. IBM’s Threat Intelligence Index for 2022 rates the industry as the sixth most targeted. That puts it close behind the energy and retail and wholesale sectors. Certain regions seem to be more prone to attack as well. The Asia-Pacific region accounted for 39% of all health care-related attacks, while North America trailed next at 33%. Coming as no surprise, ransomware is the leading known method of attack, representing 38% of cases.Some…

Hospital Ransomware Attack: Here’s What a Cybersecurity Success Story Sounds Like 

Major ransomware attacks are scary, but against hospitals, they are even worse. One notable attack in August 2021 forced Ohio’s Memorial Health System emergency room to shut down (patients were diverted to other hospitals). In all hospital attacks, the health, safety, privacy and lives of patients face risk. But this incident also shows that whether targets are hospitals or any other kind of organization, the time and money spent preventing attacks is almost always worth it.  But what do you do…