The healthcare industry is currently on an upswing, creating new jobs consistently and it is expected to create a total of four million new jobs by the year 2026. Advancements in technology have helped to generate some of the growth in the industry, but these same advancements are also creating some challenges as well.
When it comes to cybersecurity, the healthcare industry is in jeopardy. The industry is a popular target for cyber criminals, apparently lagging behind other industries when it comes to cybersecurity policies and procedures. According to Wipro’s State of Cybersecurity Report 2018, the healthcare industry is the most commonly targeted industry for data breaches, accounting for over 40% of reported breaches in 2017. An earlier report found that there was an average of at least one health data breach per day in 2016, and that these attacks affected more than 27 million patient records over the course of the year.
Despite the growing awareness surrounding threats to healthcare data, healthcare organizations continue to remain behind other industries when it comes to cybersecurity efforts. For example, according to recent data, the healthcare industry was reported to be the slowest industry in regards to upgrading to Windows 10. A number of healthcare providers are running outdated and/or unsupported operating systems, which leaves them vulnerable to targeted attacks such as WannaCry, a ransomware attack in 2017 that specifically targeted machines running Windows 7.
The Biggest Cybersecurity Challenges in Healthcare
Many common cybersecurity threats remain problematic in the healthcare industry. The challenges listed below are some of the biggest threats to healthcare information security.
- Malware/Ransomware: Malware and ransomware are utilized by cyber criminals to shut down or take over devices, servers and even entire networks. Once entry is gained, criminals can copy and even remove or change data, and in some cases may demand a ransom in exchange for returning the stolen information.
- Phishing Attacks: This strategy is the number one technique cyber criminals use to collect data. Mass amounts of emails are sent out from seemingly reputable sources to obtain sensitive information from users or to direct them to a misleading website that can be harmful to the user’s computer.
- Employee Error: Unknowingly, employees often leave healthcare organizations susceptible to attack through weak passwords, unencrypted devices and other security mistakes.
The best step that healthcare organizations can take towards better cybersecurity is to put more money and effort into it. The majority of healthcare organizations spend just six percent or less of their IT budgets on cybersecurity, according to a recent report. Most organizations in other industries spend closer to double that percentage of their IT budgets on their cybersecurity efforts. Investing in cyber risk services through a reputable cyber insurance provider is a great way for healthcare companies to help protect themselves against data breaches and change the overall state of healthcare cybersecurity for the better.
About Connected Risk Solutions
At Connected Risk Solutions, we use our expertise and experience to provide insurance information and programs to those who serve long-term care and senior living facilities. Since 2007, we’ve been offering insurance and risk management plans designed to help our agents give their clients the ability to achieve continued growth while simultaneously protecting against loss, containing costs and increasing profitability. To learn more, contact us at (847) 832-9100.