Healthcare data under attack
As the healthcare industry continues to be an attractive target in cyberattacks, the latest data shows that cybercriminals are taking more patient health data than ever.
When the number of breaches doesn’t materially change from year to year, it’s a natural assumption that the impact of those breaches is equally similar.
With breached records costing healthcare organizations an average of $408, the massive jump in the number of total records breaches incurs a significant cost.
Also according to the report, it took healthcare organizations 255 days to detect a breach. While down from 308 days in 2017, the 255 days still represents over 8 months of time with a breach remaining undetected.
255 days to detect a breach? Why?
Part of the issue is how these breaches are occurring – malware, hacking, and social engineering make up one-third of all data breaches in healthcare. All of these threat actions involve the user. In each scenario, the user needs to open an email, respond to a web form, click on a malicious link. And, also in each scenario, the user has the opportunity to scrutinize emails and websites they interact with, looking for and avoiding any content that could be considered suspicious.
Users that frequently undergo Security Awareness Training are taught to have a security-centric mindset while at work – one that incorporates the need to protect the organization from email- and web-borne attacks through tactics such as phishing and social engineering.
The bad guys are obviously getting better at taking more data from healthcare organizations. It’s time for these organizations to step up their cybersecurity stance and include users as part of the defense.
—
Cyber Safety Net – Keeping you safe online. See https://cybersafetynet.net/cyber-security-awareness-training/ to train and strengthen your human firewall. See https://youtu.be/UFpFesrcnvY and https://www.knowbe4.com/security-awareness-training-features/ to learn more.