Healthcare Starts Spending Big On Cybersecurity

Over 80% of US healthcare organisations and 76% of global healthcare organisations will increase information security spending in 2017, reflective of a rapid transition to electronic health records and increasingly digitised personal health data.

The spending comes with the recognition that digitisation is a double-edged sword. According to the 2017 Thales Data Threat Report, Healthcare Edition, requirements in the US are driving healthcare organisations to digitise their data in a bid for greater efficiency.

However, modernisation comes at a hefty price: Individual healthcare data is exposed to more people, in more places and on more devices, including smartphones, laptops and increasingly, Internet of Things (IoT) devices. 

And in fact, the Report found that 60% of US healthcare respondents reported their organisation were deploying to Cloud, big data and IoT or container environments without adequate data security controls. 

Despite the risks that come from increased access points, 60% of US healthcare respondents reported their organisation were deploying to cloud, big data, and IoT or container environments without adequate data security controls. 

The healthcare industry is also adopting some of these technologies for sensitive data use wholesale, with 69% of US respondents leveraging SaaS, 59% big data, 46% mobile and 35% IoT environments.

The numbers may explain why 90% of US healthcare respondents feel vulnerable to data threats and why cybersecurity spending increases by US healthcare companies leads that of all other vertical markets surveyed, including the government and financial sectors.

Across the board, encryption is the technology of choice when it comes to protecting sensitive data residing within cloud, IoT and container environments. 

A full 65% of US healthcare respondents and 58% of global healthcare respondents opt to encrypt data in the public cloud, with the survey yielding similar numbers for IoT data (59% US; 58% global) and container data (58% US; 60% global).

Yet despite the healthcare industry’s growing interest in encryption, many organisations remain stubbornly focused on network and endpoint security. Network security is still the top choice for US healthcare spending by a wide margin (69%), compared to 53% of global respondents. Endpoint security, at 61%, isn’t far behind.

“While network and endpoint technologies are a required element of an organization’s IT security stance, they are increasingly less effective at keep external attacks at bay, and in securing cloud, big data, IoT and container deployments, which result in data being distributed, processed and stored outside corporate network boundaries,” the Report noted.

“Globally and in the US, healthcare companies are under pressure,” said Peter Galvin, VP of strategy, Thales e-Security. 

“In the US, digital innovation is transforming the way patient information is created, shared or stored. For healthcare data to remain safe from cyber exploitation, encryption strategies need to move beyond laptops and desktops to reflect a world of internet-connected heart-rate monitors, implantable defibrillators and insulin pumps. Adhering to the security status quo will create vulnerabilities that lead to breaches, and further erode customer trust.”

Healthcare organisations interested in improving their overall security postures should strongly consider: Deploying security tool sets that offer services-based deployments, platforms and automation; discovering and classifying the location of sensitive data, particularly within IoT and container environments; and leveraging encryption and bring-your-own-key (BYOK) technologies for the Cloud and other advanced environments.

Infosecurity

Stolen Health Records Flooding Dark Web Markets:

Healthcare Data Breaches In 2017 Will Get Worse:

 

« New Malware Hides In Memory
HSBC Appoints A Technology Advisory Board »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Cyber Technology Institute - De Montfort University

Cyber Technology Institute - De Montfort University

The Cyber Technology Institute provides training and high quality research and consultancy services in the fields of cyber security, software engineering and digital forensics.

qSkills

qSkills

QSkills is an independent training provider specialized high-quality IT and IT management training courses including IT security.

BMS Group

BMS Group

BMS is an independent, employee-owned specialist insurance broking group. Broking solutions include Cyber and Technology.

Rwanda Information Society Authority (RISA)

Rwanda Information Society Authority (RISA)

RISA is at the forefront of all ICT project implementation, research, infrastructure and innovation within the ICT sector in Rwanda.

SCADASUDO

SCADASUDO

SCADASUDO is a cyber solution architecture and design office, established by leading experts in the field of OT (Industrial control) and IT (information Technology).

CyberGuru

CyberGuru

CyberGuru is a service provided by CyberSecurity Malaysia specializing in cyber security professional training and development.

Security Innovation Network (SINET)

Security Innovation Network (SINET)

SINET is dedicated to building a cohesive, worldwide Cybersecurity community with the goal of accelerating innovation through collaboration.

Qasky

Qasky

Anhui Qasky Quantum Technology Co. Ltd. (Qasky) is a new high-tech enterprise engaged in quantum information technology industrialization in China.

Hudson Cybertec

Hudson Cybertec

Hudson Cybertec are an internationally recognized Subject Matter Expert for cyber security in the Industrial Automation & Control Systems (IACS) domain.

Fifosys

Fifosys

Fifosys is a professional technology infrastructure specialist, delivering a broad portfolio of high quality technical and strategic managed services.

SEIRIM

SEIRIM

SEIRIM delivers cybersecurity solutions in Shanghai China specializing in Web Application Security, Network Security for SME's, Vulnerability Management, and serving as Managed Security as a Service.

Gradient Cyber

Gradient Cyber

Gradient Cyber is a trusted cybersecurity partner specializing in small businesses and mid-market enterprises concerned about cybersecurity but lacking the staff to give it the attention it deserves.

Halogen Group

Halogen Group

Halogen Group is the leading Security Solutions Provider in West Africa. Services encompass Physical Security, Electronic Security, Virtual & Cyber Security, Risk Assessments and Training.

Triangle

Triangle

Triangle enable innovative business transformation by ensuring critical hybrid infrastructures are optimised, interoperable and secure.

Solcon Capital

Solcon Capital

Solcon Capital is a forward-looking, technology-focused investment firm that is committed to identifying and investing in the most promising areas of innovation and development in the tech industry.

Semgrep

Semgrep

Semgrep is a fast, open-source, static analysis tool for profoundly improving software security and reliability.

NewEvol

NewEvol

Don’t React, Evolve! Outsmart threats with real-time AI-powered dynamic defense capability of NewEvol all-in-one cybersecurity platform.