The statistics are alarming. Nearly 90 percent of healthcare organizations surveyed for a recent Ponemon1 study had a data breach in the past two years, and nearly half had more than five data breaches in the same time period.
Cybercrime in Healthcare
This is the second year in a row that criminal attacks are the leading cause of data breaches in healthcare. What is attracting cybercriminals to the industry?
It’s all about the data. Cybercriminals find healthcare organizations of particular interest because of the sensitive and diverse data they collect, which includes data ranging from personal identifiable information (PII) to financial information. This data is easily sold on the dark web by cybercriminals. Even more importantly, they also know that the healthcare industry is an easy target.
Why Are Healthcare Organizations so Vulnerable to Cybercrimes?
Healthcare organizations are at a greater risk of a data breach, but why? The Ponemon survey revealed one of the top and very critical reasons why; they lack the technologies needed to mitigate a data breach. Healthcare providers have implemented only a modest amount of basic and advance information security tools according to a recent HIMSS2 study.
In that study, they discovered that the industry is facing multiple challenges. Simple protections like firewalls are not being used by every provider, which exposes them to malware. Even fewer providers are encrypting data in transit making this data susceptible to eavesdropping, packet sniffing and other malicious activity.
Many healthcare organizations are also struggling with patch and vulnerability management. While just over half are using intrusion detection systems and network monitoring tools. With this information it should be no surprise why cybercriminals find the healthcare industry appealing.
The Solution: Third Party Assessment
The industry is taking action to strengthen their defense. In fact, over half say they are increasing spending on third-party security assessments.3 One of the best methods to do that is penetration testing, also known as a pen test.
Pen testing is an effective way to investigate the fundamental security of your IT infrastructure, systems, networks and web applications and discover vulnerabilities that may leave you open to a security breach. From protocols to disaster recovery sites every aspect of your enterprise IT structure is reviewed searching for vulnerabilities in operating systems, service and application flaws, improper configurations, or risky employee behavior.
The process involves creating actual attacks upon your system to identify ways to exploit vulnerabilities to circumvent or defeat the security features of system components. This is different from a vulnerability scan, which is designed to identify the vulnerabilities, not to test them. The pen test tries to exploit those vulnerabilities just like a cybercriminal.
Once the pen test is completed, a report is provided that includes a description of each vulnerability issue, and more specific risks that vulnerability may pose, including detailed methods on how and to what extent it might be exploited.
Taking Action
With an in depth report in hand, your team has the information they need to acquire the right technology and establish protocols and policies to not only detect, but also protect your IT infrastructure and data against compromise.
Additionally, you may want to tap the knowledge and experience of the cyber security expert who performed the assessment. Based on their extensive experience in the cyber security world, they can better assist you in identifying the right technology to solve those vulnerabilities and integrate with your current system.
Sources:
1 Ponemon “Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data,” 2016
2HIMSS, “HIMSS Cybersecurity Survey,” 2016
3HIMSS and Veracode, “HIMSS and Veracode Survey Reveals Application Vulnerabilities Are Top Cybersecurity Concern for Healthcare Providers” January 21, 2016