Top Cyber Security Risks in Healthcare [Updated 2020]

Executive summary

The healthcare industry is a prime target for cybercriminals. Stolen protected health information (PHI) is worth hundreds, even thousands of dollars on the black market. For cybercriminals, the healthcare industry is a golden goose. Time-to-report and time-to-discover periods are often long, giving cybercriminals ample time to collect and sell stolen records online before vulnerabilities are detected and patched.

The healthcare industry’s growing use of connected medical devices, equipment and other IoT devices also means there are many new risks and endpoints to manage and secure. In the following pages, we will review critical security concerns facing the industry and healthcare compliance regulations. We will also explain the advantages of workforce security awareness training.

Top security concerns in the healthcare industry

Managing budgetary constraints

According to Symantec, the healthcare industry spends considerably less on cybersecurity technology and staff than other regulated industries. For comparison, in 2019, the US federal budget allocated $15 billion for cybersecurity-related activities, an increase of 4.1 percent above the FY 2018[1]. However, healthcare averaged at only 5% of budget spent on security.

A recent survey from the Healthcare Information and Management Systems Society (HIMSS) has, however, found good news in terms of budget for cybersecurity. In their 2019 report, “HIMSS Cybersecurity Survey,” they state that “Many positive advances are occurring in healthcare cybersecurity practices and healthcare organizations appear to be allocating more of their information technology (“IT”) budgets to cybersecurity.”

While spending on cybersecurity is much like purchasing insurance, the changing tide of increased cybersecurity threats targeting the healthcare sector is slowly resulting in attitude changes and increased budgets. This perspective can be catastrophically short-sighted in the long term. A recent Ponemon Institute study found healthcare data breaches increased by five percent in the past year and the cost of the (Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Susan Morrow. Read the original post at: