IDC Health Insights released a new report, which shows the increasing cyber threats and the impact of successful attacks in healthcare business operations and how these health organizations are investing in its strategy to protect your valuable electronic assets.
Healthcare organizations today have higher risk of suffering a cyber attack than ever, in part because electronic health information is more widely available after the approval of Law Portability and Health Insurance Responsibility.
Cybercriminals visualize healthcare organizations as an easy target in relation to financial services and retailers, because historically they have invested less in IT, including in security technologies, than other industries, making them more vulnerable to successful attacks. The value of health information that can be used to commit medical fraud, is exceeding the value of credit card numbers on the black market, thus increasing the attraction to steal health information.
The physical loss or theft of a laptop, mobile or portable device, was the most common violation incident reported in the Department of Health and Human Services (DHHS) US. Safety is an important IT initiative for health service providers. In 2014, according to IDC, security technologies and risk management were the number one initiative (29.0%). In 2013, it was also the initiative top ranking (20.1%).
To overcome the threats, more than 80% of healthcare data will be moved to the cloud and health care providers seek to leverage cloud and big data based technology and cloud infrastructure for data collection, analytics, aggregation, and decision making.
Cyber attacks against health will surely increase in number and level of sophistication in the next 12 to 24 months. According to the report, health organizations must take a more proactive stance in protecting against cyber threats and attacks, will have to invest in intelligence threat against combining reports from security vendors and own network logs. Predictive analytics can be applied against external and internal data to help identify behaviors that suggest that the systems are being compromised and under attack.
Approximately 1 in 4 cyber attacks had an impact on normal business operations. Most respondents (52.2%) indicated that the shortest impact lasted less than an hour and 43.3% reported that the longest duration was between 8 and 24 hours. The overwhelming majority of healthcare executives reported that their spending on cyber threats increased (59.6%) or remained the same (38.3%) over the last three years. On average, respondents who reported an increase was 14.8%.
Consumers value their privacy according to report, but are not as confident that healthcare organizations are adequately protecting your data. Consumers interested are willing to end a relationship with the health service provider after a violation, including the change of the operator (21.6%) and changing health plans (5%).
The report further noted that for healthcare organizations, it’s not a matter of if they are going to be attacked but when. Healthcare cyber security strategies need to take a comprehensive approach and include not only react and defend capabilities, but also predict and prevent capabilities to effectively thwart cybercriminals.