Getty Images/iStockphoto
Growing Body of Data Shows High Healthcare Breach Risk
Hackers have their targets aimed at healthcare and organizations must take action to avoid preventable healthcare breaches.
It’s no secret that the healthcare industry has a cybersecurity crisis. Week after week, new headlines appear detailing new hacks, millions of dollars in ransoms, and PHI that’s been taken from secure servers and is now floating around the dark web. According to Kaiser Health News, over 20 million patients have had their data exposed in the first half of this year. In July, the federal government warned that North Korea is targeting American healthcare organizations with ransomware. According to Identity Theft Center’s report on Q1 of 2022, the healthcare industry had the most breaches out of the industries surveyed.
So we know hackers have their targets aimed at healthcare. But questions still remain — why healthcare, and what can the industry do to stay safe?
What makes healthcare a vulnerable target for attacks
Recently, SecureLink released the 2022 Ponemon Institute Report, “The State of Cybersecurity and Third-Party Remote Access Risk,” and the data collected is shedding light on exactly why healthcare is targeted over and over by ransomware and other forms of cyberattacks.
The obvious point is that healthcare organizations contain protected health information (PHI) that fetches a pretty penny on the dark web. The report shows that 59% of healthcare organizations have experienced a breach in the last 12 months. The threat is real. But the more significant issue is how and why hackers are able to breach the perimeter, open the vault, and make away with that data.
The answer? Organizations aren’t doing enough to keep that valuable data safe — especially when granting third parties access to their systems, servers, and assets. Right now, only 49% of organizations monitor third-party access, even though detailed audits are a crucial aspect of HIPAA compliance and overall access security.
In addition, healthcare organizations are finding themselves overwhelmed with all that is needed to stay safe in a changing cybersecurity landscape. 63% of organizations stated that managing third parties was overwhelming. Not only is that a barrier, but over half of those surveyed also cited system complexity and high false-positive rates as issues when building a cybersecurity strategy. This highlights that organizations don’t trust their systems and feel too overwhelmed to invest in other solutions, essentially leaving the door unlocked for bad actors.
How can healthcare fix its cybersecurity problem
Healthcare has to be proactive regarding cybersecurity because attacks aren’t going away. The best defense is a good offense; unfortunately, healthcare organizations aren’t investing enough in their offensive side. But there are solutions:
1. Invest in automated cybersecurity solutions.
Understandably, organizations feel overwhelmed by managing vendors and access. They’re already running a hospital; they don’t need to also run cybersecurity. However, many automated systems (big and small) on the market today can lift the burden and help healthcare get a grip on their security. While false positives are an understandable concern, technology is evolving, with multiple platforms utilizing machine learning to reduce false positives and provide more fine-grained security.
2. Monitor everything.
Not only is access monitoring crucial for HIPAA compliance, but it’s also critical for cybersecurity. Real-time monitoring, as well as retroactive analysis, can help an organization identify access gaps and fill those gaps before the worst happens. You can’t stop crime with your eyes closed.
3. Pay attention to your third-party access.
Internal threats are often the focus when it comes to healthcare. That makes sense when there are over a million EMR accesses per organization per day. But healthcare networks rely on an ever-growing swath of third parties and giving a single vendor too much access can be a costly mistake. Third-party breaches continue to rise (recently, PHI was exposed through a debt collection organization a healthcare system was using), so restricting that access is critical to restricting a possible attack surface.
While those three tasks are easier said than done, if healthcare organizations take the time and money to start re-evaluating their cybersecurity and work on a proactive approach, it will certainly be easier and more cost-effective than dealing with HIPAA fines, breach cleanup, and reputation damage from the next cyberattack.
_____________________
About SecureLink an Imprivata Company
The State of Cybersecurity and Third-Party Remote Access Risk
SecureLink is the industry leader in critical access management, empowering organizations to secure access to their most valuable assets, including networks, systems, and data. By leveraging Zero Trust principles, machine learning, and artificial intelligence, SecureLink provides comprehensive security solutions to govern, control, monitor, and audit the most critical and highest risk access points. Organizations across multiple industries -- including healthcare, manufacturing, government, legal, and gaming -- trust SecureLink to secure all forms of critical access, from remote access for third parties to access to critical infrastructure, regulated information, IT, and OT.
Dig Deeper on Cybersecurity strategies
-
KLAS: AI, Market Consolidation Impact Patient Privacy Monitoring Vendor Trends
-
Healthcare Is More Reactive Than Proactive When It Comes to Cybersecurity, KLAS, AHA, Censinet Find
-
Healthcare Cybersecurity Starts with Identity and Access Security
-
How Identity Management IGA Secures Protected Health Information