A new survey reveals that healthcare data breaches cost the industry billions, and is only expected to get worse.
A new survey sheds light on the lack of awareness of the cybersecurity landscape in healthcare and the resulting damages from a cost and data standpoint.
The recent Black Book Market Research shows that:
Black Book Market Research LLC surveyed over 2,876 security professionals from 733 provider organizations to identify gaps, vulnerabilities, and deficiencies that persist in keeping hospitals and physicians proverbial sitting ducks for data breaches and cyberattacks. Ninety-six percent of IT professionals agreed with the sentiments that data attackers are outpacing their medical enterprises, holding providers at a disadvantage in responding to vulnerabilities.
Perhaps the biggest takeaway, the report finds that healthcare data breaches will cost $4 billion by the end of 2019, according to Jeffrey Gardner, director of information security at Landmark Health, an in-home medical care leader in Huntington Beach, California.
“This industry issue is broken down in the study, exposing many of its contributing factors,” Gardner says. “Some examples of such data points include a shortage of healthcare cybersecurity professionals, blind purchase decisions of cybersecurity solutions, and a lack of understanding of the cybersecurity product and service landscape.”
Because healthcare providers are the most targeted in the industry for cybersecurity breaches, it’s especially important for executives to understand what they’re doing wrong, and what’s at stake, according to Gardner.
“As the decision makers of the organization, executives have the duty of relaying this information and implementing effective preventive measures into cybersecurity strategies,” he says.
Based on the survey, Gardner offers three pieces of advice for healthcare executives:
1. Understanding the devices in your cybersecurity environment is crucial to keeping your organization secure, and a cybersecurity asset management solution can get you up to speed. “An ideal solution can identify each device, reveal security gaps, and automatically validate and enforce security policies,” he says.
2. Invest in tools that are secure, simple, and efficient. Make sure adequate research is done before these purchasing decisions are made. “Your employees don’t want to spend a chunk of their valuable time setting up or learning how to use a new security solution,” Gardner says.
3. Conduct frequent and proper training around cybersecurity solutions and best practices. “Even if you raise awareness and create a sense of urgency around the issue, it is a loss if they do not have an understanding of how to take action,” he says.