Healthcare Sector Accounts For 43% Of UK Data Breaches

The UK health sector suffered a disproportionate number of data breach incidents between January 2014 and December 2016. In total, healthcare organisations suffered 2,447 incidents and accounted for 43% of all reported incidents in the time period.

By comparison, the second highest was local government, with 642 reported incidents, an 11% share. The data, received from the Information Commissioner’s office, also shows that human error accounts for the almost half of these incidents across every sector.

Analysis of the data found a clear spike in data breach incidents within UK healthcare organisations. Comparing the last quarter (October – December) of the past three years, healthcare organisations were found to consistently top the list for data breach incidents. Furthermore, the number of incidents rose year on year, with a 20% increase, from 184 incidents in the last quarter of 2014, to 221 in the last quarter of 2016.

Critically, the findings showed that the many of these incidents are attributed to human error, rather than external threat. Taking the 221 incidents occurring between October and December 2016, the top-ranking incident types were:

1. Theft or loss of paperwork – 24%
2. Other failure – 22%
3. Data faxed/posted to incorrect recipient – 19%
4. Data sent by email to incorrect recipient – 9%
5. Failure to redact data – 5%

A new report from Vectra Networks into cyber security trends shows healthcare to be the most frequently targeted industry, with 164 threats detected per 1,000 host devices.

Next most targeted are education and media, which had 145 and 123 detections per 1,000 host devices, respectively. By comparison, the food and beverage industry came in as the least targeted industry with just 17 detections per 1,000 hosts.
The study from Vectra Networks revealed recently at Infosecurity Europe event reveals that attack rates are increasing with the average number of reconnaissance, lateral movement and exfiltration detections all up by more than 265 percent.
Media organisations experienced the highest rates of exfiltration, with 34 detections per 1,000 host devices. The rates of exfiltration attempts can likely be attributed to the its decentralised supply chain made up of small businesses with limited IT staff.

The entertainment industry experienced above-average rates of the five attack behaviors measured. Only the food and beverage industry experienced below-average detections for all activity measured.

Reconnaissance detections were up by 333 percent compared to 2016. Internal reconnaissance is a necessary first step for ransomware campaigns, so the sharp increase in detections may be an early indicator of the recent rise of attacks such as WannaCry.

The finance and technology sectors have proved to be the most resilient. These industries have below-average detection rates, with 37 and 38 detections per 1,000 hosts, respectively. This indicates the presence of stronger policies, mature response capabilities, and better control of the attack surface.

Recent Events

“Following the WannaCry exploit, the vulnerability of the healthcare industry, and the critical importance of improving its cyber-security, has come into sharp focus,” said Tony Pepper, CEO and co-founder of Egress Software Technologies. “While it’s clear there is a security problem in healthcare, these figures show that it is as much about internal activity as external threat.
“There’s no doubt that someone inadvertently emailing a spread-sheet containing sensitive patient details to the wrong person isn’t as good a headline as a ransomware attack, but that does not diminish the threat it poses.”

While healthcare had the highest volume of incidents, others are increasing more rapidly. Across all sectors, the total number of security incidents reported has increased by almost one-third (32%) since 2014.

The courts and justice sector has experienced the most significant increase in incidents, a 290% hike since 2014, placing it in the top five worst affected industries by the last quarter of 2016.
Other significant increases can be seen in the central government and finance industries, with 33% and 44% increases, respectively.

The ‘human element’ – where internal staff have made mistakes – accounted for almost half of total data breach incidents: 44% October-December 2014, 43% 2015 and 49% 2016. Data shared in error is the single highest contributor to breaches year-on-year resulting from human error, annually, causing roughly one-third of incidents.
 “We are all aware that security incidents are rising, but many may not suspect how large a proportion of these are down to error and lack of control over sensitive data,” continued Pepper.

“What the information from the ICO makes clear is that all businesses need to do more to better protect sensitive information. Meeting this challenge requires a combination of improved employee training and the communication of risks, and the deployment of the right technologies to minimise the number opportunities available for human error to take hold.”

Information Age:         Beta News:

You Might Also Read:

How Cybercrime Affects The Healthcare Industry:

What Healthcare CISOs Should Know:

Healthcare Starts Spending Big On Cybersecurity:

 

« Australia Implements Mandatory Data Breach Reporting
Israeli Hackers Have Penetrated ISIS Networks »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Pervade Software

Pervade Software

Pervade Software is a global provider of dedicated compliance tracking software with monitoring & reporting capabilities.

Airbus Cybersecurity

Airbus Cybersecurity

Airbus CyberSecurity is a European specialist in cyber security. Our mission is to protect governments, military and critical national infrastructure enterprises from cyber threats.

ODVA

ODVA

ODVA is a global trade and standards development organization whose members comprise the world’s leading industrial automation companies.

Cybercrypt

Cybercrypt

Cybercrypt is a world leading system provider in robust cryptography. Protecting critical assets, applications and sensitive data.

Skurio

Skurio

Skurio create cost-effective, intuitive and powerful Cloud based solutions to identify threats, detect data breaches outside the network and automate the response.

Ceerus

Ceerus

Ceerus was created to simplify the process of deploying and managing security across all the channels in an organisation.

Fair Isaac Corporation (FICO)

Fair Isaac Corporation (FICO)

FICO provides analytics software and tools used across multiple industries to manage risk, fight fraud, optimize operations and meet strict government regulations.

Multitel

Multitel

Multitel is an independent research centre. We develop and integrate emerging technologies into the industrial fabric at the regional and international levels.

Mvine

Mvine

Mvine's primary business is authoring and selling Cyber-Secure Platforms for Collaboration Portals and for Identity Management as well as delivering cloud support services.

Sompo International

Sompo International

Sompo International is a global specialty provider of property and casualty insurance and reinsurance services including Cyber & Network Risk.

CHT Security

CHT Security

CHT Security is a Managed Security Service Provider (MSSP) specialized in cyber security technologies enabling enterprises to defense against cyber threats to networks, gateways and endpoints.

Splone

Splone

Splone is a Berlin-based IT security research team and consultancy. We help improve IT-security by offering red team assements, penetration tests, audits and customized consulting.

Quantum Xchange

Quantum Xchange

As the provider of unbreakable quantum-safe encryption, Quantum Xchange gives commercial enterprises and government agencies the ultimate defense to keep high-value data safe.

Datenschutz Schmidt

Datenschutz Schmidt

Datenschutz Schmidt is a service provider with many years of experience, we support you in complying with numerous data protection guidelines, requirements and laws.

Sparrow

Sparrow

Sparrow specializes in application security testing solutions to cope with new technology trends such as cloud, mobile, and DevSecOps.

Mobilen Communications

Mobilen Communications

Mobilen are dedicated to providing our customers with the highest level of secure data in transit and to bring privacy back to a mobile world.