Healthcare agencies average about 1 cyber threat each month and nearly half say they have experienced a tragedy including the loss or exposure of patient data during the previous year, leaving sufferers at threat of identity theft.
These are among the findings of a survey by security company ESET and the Ponemon Instituteinto cyber security in the healthcare sector.
In accordance to 78% of respondents, the most common security tragedy is the exploitation of existing software susceptibilities greater than 3 months old. Advanced persistent risks are an issue too; respondents experienced an APT attack about every 3 months during the initial year. The primary consequences of APTs and 0-day attacks were IT downtime (63%) followed by the inability to give services (46%). Yet despite these attacks merely half of respondents claim they have an incident response policy in place.
Attackers are most intrigued in sufferer’s medical records according to 81% of respondents. Also a majority (52%) claim that legacy systems and latest technologies to support cloud and mobile implementations, big data and the IoT, increase security vulnerabilities for patient data. Respondents also expressed concern about the effect of worker negligence (46%), and the ineffectiveness of business associate agreements mandated by HIPAA which are designed to ensure patient data security (45%).
No comments:
Post a Comment