Just over a year ago, the WannaCry ransomware attack wreaked havoc on the UK National Health Service (NHS), ultimately disrupting a third of its facilities and causing a rash of canceled appointments and operations. Breaches are always a concern in healthcare, but this incident brought to light the impact a breach can have on patient care and patient trust.
Healthcare organizations are increasingly falling into the crosshairs of hackers. Hospital and healthcare settings are unique in that they house both financial and protected health information, while also offering an enormous number of access points: people (staff, patients and visitors) and electronic devices, including medical and mobile devices, as well as the websites and patient portals on their networks.
When you take all this into consideration, it’s not surprising that 77 percent of healthcare IT professionals surveyed by Imperva at the 2018 Healthcare Information and Management Systems Society (HIMSS) conference were very concerned about a cybersecurity event striking their healthcare organization. To further make the point, almost 40 percent of those surveyed said their institution had suffered a cyberattack within the last year.
Given the severity of WannaCry, it’s little wonder that the type of breach professionals most feared was ransomware (32 percent), followed closely by insider threats (25 percent). Insider threats are particularly bothersome, given that healthcare is the only industry that has a greater risk of insider threat than of an external one (2018 Verizon Data Breach Report).
Insider threats are classified into three types: malicious, careless and compromised. In the survey, 51 percent indicated they were most concerned about careless users, meaning people whose casual or thoughtless behavior is likely to expose sensitive data despite having no malicious intent.
Additionally, 27 percent of healthcare cybersecurity professionals said a lack of tools to monitor employees and other insider activities makes detecting insider threats difficult, while 32 percent of healthcare IT professionals believe collecting information from diverse security tools is the most time-consuming task when investigating or responding to insider threats.
From a cybersecurity perspective, healthcare organizations are problematic given the number of people who have access to their systems and the financial and protected health data that they house. It’s one of the only industries where being unable to access data can bring physical harm. It’s imperative that healthcare organizations do all they can to protect their sensitive data.
One option to help with insider threats is to employ solutions based on machine learning technology to process and analyze vast amounts of data. This will help security teams pinpoint critical anomalies that indicate misuse of enterprise data, so they can quickly quarantine risky users to prevent any further issues. For an in-depth look at combating insider threats, see the Imperva Whiteboard Wednesday video, “Challenges of Insider Threat Detection.”
View the full survey results on SlideShare.