Sunday, May 25, 2025

Security Boulevard Logo

Security Boulevard

The Home of the Security Bloggers Network

Community Chats Webinars Library
  • Home
    • Cybersecurity News
    • Features
    • Industry Spotlight
    • News Releases
  • Security Creators Network
    • Latest Posts
    • Syndicate Your Blog
    • Write for Security Boulevard
  • Webinars
    • Upcoming Webinars
    • Calendar View
    • On-Demand Webinars
  • Events
    • Upcoming Events
    • On-Demand Events
  • Sponsored Content
  • Chat
    • Security Boulevard Chat
    • Marketing InSecurity Podcast
    • Techstrong.tv Podcast
    • TechstrongTV - Twitch
  • Library
  • Related Sites
    • Techstrong Group
    • Cloud Native Now
    • DevOps.com
    • Security Boulevard
    • Techstrong Research
    • Techstrong TV
    • Techstrong.tv Podcast
    • Techstrong.tv - Twitch
    • Devops Chat
    • DevOps Dozen
    • DevOps TV
  • Media Kit
  • About
  • Sponsor

  • Analytics
  • AppSec
  • CISO
  • Cloud
  • DevOps
  • GRC
  • Identity
  • Incident Response
  • IoT / ICS
  • Threats / Breaches
  • More
    • Blockchain / Digital Currencies
    • Careers
    • Cyberlaw
    • Mobile
    • Social Engineering
  • Humor
Security Bloggers Network 

Home » Security Bloggers Network » Do You Think Your Healthcare Data Is Safe?

SBN

Do You Think Your Healthcare Data Is Safe?

by Jane Grafton on May 18, 2021

The HIPAA Journal is reporting that in March of 2021, we saw a 38.8% increase in reported healthcare data breaches from the previous month. Hacking incidents are the dominant breach method. And apparently the higher number of breaches is due to an increase in data breaches at business associates. Here’s the breach breakdown of hacking/IT incidents:

  • 76% involved compromised network servers
  • 24% involved breaches of email accounts
  • 60% of breaches involved business associates

The number of breached records also rose 135.89% with 2,913,084 healthcare records exposed across 62 incidents. That’s a lot of breached healthcare records. Do you think your healthcare data is safe?

The Verizon 2021 Data Breach Investigations Report

The Verizon 2021 Data Breach Investigations Report just came out. Most everyone in the cybersecurity industry knows about this report since it’s an annual event. How did the healthcare industry fare this year? Well, not great. In the healthcare industry, Verizon analyzed 472 data breaches. Here are the key takeaways:

Techstrong Gang Youtube
AWS Hub
  • 221 incidents involved malware, 178 hacking, 137 human error, and 106 social attacks
  • 61% of incidents were the work of external threat actors while 39% were internal data breaches
  • Medical data was breached in 55% of data breaches, whereas personal data was breached in 66% of incidents
  • 32% of breached involved the theft of credentials

So now do you think your healthcare data is safe?

Compromised Accounts are Behind these Statistics

The story line for these cyberattacks are similar. An external threat actor uses extremely sophisticated technical means to break these seemingly impenetrable systems. Yes, there could have been purpose-written malware that was used in the reconnaissance phase of the kill chain that evaded technical controls at the perimeter. But far more likely is the fact that criminals used a compromised identity to gain access past perimeter defenses. First, to discover the valuable data. Second, to install malware. Then to external servers, and finally, to send the data out encrypted to the thieves.

Not Necessarily a Cybersecurity Breach Activity

The problem is that stealing a logon credential is not necessarily a cybersecurity breach activity. It can be a phone call, or a borrowed password from a new “friend” who can be a contractor. It can also be an insider who has plans to gain access and exfiltrate data. That is what makes these breaches of compromised accounts so difficult – human factors.

To deal with human factors as a risk variable, cybersecurity practitioners are wrapping User and Entity Behavior Analytics (UEBA) around identities. Meta data from these identities can be cross-correlated to other defense-in-depth security data sets to provide a 360° context of who was doing what, when, and where. So, even if you do have users that hit a drive-by download or a watering hole attack via email using a spear phishing campaign, their identity will be tracked. This is to see anomalous or unusual behavior that is exhibited and unknown even to them. You can start to predict bad behavior (even if unintentional) to prevent data loss. This is better than a call from your friendly FBI agent, or former third party supplier of business, about their data being lost from your IP address ranges.

No matter how sophisticated an attack is from an outsider, a compromised identity is likely invoked to do the real damage. UEBA can provide the insight and predictive analysis to get ahead of these breaches before the real damage is done. Then healthcare organizations can be confident that your healthcare data is truly safe.

How UEBA Detects and Prevents Account Compromise

External attacks can be identified and stopped without significant loss of sensitive data. Gurucul UEBA would have triggered on the following events which are typical stages of a cyberattack:

  • An outbound connection to an IP infrastructure not previously seen before, and which most likely was connected without using a DNS query
  • Large amounts of software uploaded from an asset when compared with its prior history or peer groups
  • Lateral movement of account credentials to other assets on the network which most likely wouldn’t have seen before
  • Access to databases and executing queries aggressively across schema to find where the sensitive data is in storage

It is never too late to deploy the right technology to safeguard your future assets and prevent account compromise. But it is always better to do it before your identity is compromised. Hear directly from our customer, Allina Health, to understand how Gurucul UEBA helps them protect their healthcare data!

The post Do You Think Your Healthcare Data Is Safe? appeared first on Gurucul.

*** This is a Security Bloggers Network syndicated blog from Blog – Gurucul authored by Jane Grafton. Read the original post at: https://gurucul.com/blog/do-you-think-your-healthcare-data-is-safe

May 18, 2021May 18, 2021 Jane Grafton Account Compromise, Blog, healthcare, User and Entity Behavior Analytics (UEBA)
  • ← Cybersecurity Executive Order – A First Step
  • CPDP 2021 – Moderator: Rosamunde Van Brakel ‘Involving Data Subjects In Democratic Oversight Of Police-Use Of Surveillance Technologies’ →

Techstrong TV

Click full-screen to enable volume control
Watch latest episodes and shows

Tech Field Day Experience at Qlik Connect 2025

Upcoming Webinars

Software Supply Chain Security: Navigating NIST, CRA, and FDA Regulations

Podcast

Listen to all of our podcasts

Press Releases

GoPlus's Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On

Subscribe to our Newsletters

ThreatLocker

Most Read on the Boulevard

Signal Gives Microsoft a Clear Signal: Do NOT Recall This
Strategic Defense Innovation: Israel and South Korea’s Technological Partnership 
Survey: Too Much Time Being Spent on Managing Cybersecurity Tools
Law Enforcement, Microsoft Disrupt Operations of Popular Lumma Stealer
U.S. Authorities Seize DanaBot Malware Operation, Indict 16
The State of AI in Cybersecurity 2025: What’s Working, What’s Lagging, and Why It Matters Now More Than Ever
Malicious attack method on hosted ML models now targets PyPI
Application Security Testing: Security Scanning and Runtime Protection Tools
Qatar National Bank Breach Explained: How the Attack Happened and What’s Next
The OWASP LLM Top 10 and Sonatype: Data and model poisoning

Industry Spotlight

Signal Gives Microsoft a Clear Signal: Do NOT Recall This
Application Security Cyberlaw Cybersecurity Data Privacy Endpoint Featured Governance, Risk & Compliance Humor Incident Response Industry Spotlight Most Read This Week News Popular Post Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threats & Breaches Vulnerabilities 

Signal Gives Microsoft a Clear Signal: Do NOT Recall This

May 22, 2025 Richi Jennings | 2 days ago 0
Coinbase Says Breach May Cost $400 Million, Issues $20 Million Bounty
Cloud Security Cybersecurity Data Privacy Data Security Featured Identity & Access Industry Spotlight Network Security News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight Threats & Breaches 

Coinbase Says Breach May Cost $400 Million, Issues $20 Million Bounty

May 16, 2025 Jeffrey Burt | May 16 0
Warning to US Retail: ‘Scattered Spider’ Targets YOU (with DragonForce Ransomware)
Analytics & Intelligence Cloud Security Cybersecurity Data Privacy Data Security DevOps Endpoint Featured Governance, Risk & Compliance Humor Identity & Access Incident Response Industry Spotlight Malware Mobile Security Most Read This Week Network Security News Popular Post Security Awareness Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Social Engineering Spotlight Threat Intelligence Threats & Breaches Vulnerabilities 

Warning to US Retail: ‘Scattered Spider’ Targets YOU (with DragonForce Ransomware)

May 15, 2025 Richi Jennings | May 15 0

Top Stories

U.S. Authorities Seize DanaBot Malware Operation, Indict 16
Cloud Security Cybersecurity Data Privacy Data Security Endpoint Featured Identity & Access Malware Network Security News Security Boulevard (Original) Spotlight Threats & Breaches 

U.S. Authorities Seize DanaBot Malware Operation, Indict 16

May 23, 2025 Jeffrey Burt | 1 day ago 0
Survey Surfaces Limited Amount of Post Quantum Cryptography Progress
Cybersecurity Featured News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Spotlight 

Survey Surfaces Limited Amount of Post Quantum Cryptography Progress

May 23, 2025 Michael Vizard | 2 days ago 0
Law Enforcement, Microsoft Disrupt Operations of Popular Lumma Stealer
Cloud Security Cybersecurity Data Privacy Data Security Featured Identity & Access Malware Mobile Security Network Security News Security Boulevard (Original) Social - Facebook Social - LinkedIn Social - X Social Engineering Spotlight Threat Intelligence 

Law Enforcement, Microsoft Disrupt Operations of Popular Lumma Stealer

May 22, 2025 Jeffrey Burt | 2 days ago 0

Security Humor

Randall Munroe’s XKCD ‘Baker's Units’

Randall Munroe’s XKCD ‘Baker’s Units’

Download Free eBook

7 Must-Read eBooks for Security Professionals

Security Boulevard Logo White

DMCA

Join the Community

  • Add your blog to Security Creators Network
  • Write for Security Boulevard
  • Bloggers Meetup and Awards
  • Ask a Question
  • Email: [email protected]

Useful Links

  • About
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • DMCA Compliance Statement
  • Privacy Policy

Related Sites

  • Techstrong Group
  • Cloud Native Now
  • DevOps.com
  • Digital CxO
  • Techstrong Research
  • Techstrong TV
  • Techstrong.tv Podcast
  • DevOps Chat
  • DevOps Dozen
  • DevOps TV
Powered by Techstrong Group
Copyright © 2025 Techstrong Group Inc. All rights reserved.
×

Security in AI

Step 1 of 7

14%
How would you best describe your organization's current stage of securing the use of generative AI in your applications?(Required)
Have you implemented, or are you planning to implement, zero trust security for the AI your organization uses or develops?(Required)
What are the three biggest challenges your organization faces when integrating generative AI into applications or workflows? (Select up to three)(Required)
How does your organization secure proprietary information used in AI training, tuning, or retrieval-augmented generation (RAG)? (Select all that apply)(Required)
Which of the following kinds of tools are you currently using to secure your organization’s use of generative AI? (select all that apply)(Required)
How valuable do you think it would it be to have a solution that classifies and quantifies risks associated with generative AI tools?(Required)
What are, or do you think would be, the most important reasons for implementing generative AI security measures? (Select up to three)(Required)

×