Healthcare Starts Spending Big On Cybersecurity

Over 80% of US healthcare organisations and 76% of global healthcare organisations will increase information security spending in 2017, reflective of a rapid transition to electronic health records and increasingly digitised personal health data.

The spending comes with the recognition that digitisation is a double-edged sword. According to the 2017 Thales Data Threat Report, Healthcare Edition, requirements in the US are driving healthcare organisations to digitise their data in a bid for greater efficiency.

However, modernisation comes at a hefty price: Individual healthcare data is exposed to more people, in more places and on more devices, including smartphones, laptops and increasingly, Internet of Things (IoT) devices. 

And in fact, the Report found that 60% of US healthcare respondents reported their organisation were deploying to Cloud, big data and IoT or container environments without adequate data security controls. 

Despite the risks that come from increased access points, 60% of US healthcare respondents reported their organisation were deploying to cloud, big data, and IoT or container environments without adequate data security controls. 

The healthcare industry is also adopting some of these technologies for sensitive data use wholesale, with 69% of US respondents leveraging SaaS, 59% big data, 46% mobile and 35% IoT environments.

The numbers may explain why 90% of US healthcare respondents feel vulnerable to data threats and why cybersecurity spending increases by US healthcare companies leads that of all other vertical markets surveyed, including the government and financial sectors.

Across the board, encryption is the technology of choice when it comes to protecting sensitive data residing within cloud, IoT and container environments. 

A full 65% of US healthcare respondents and 58% of global healthcare respondents opt to encrypt data in the public cloud, with the survey yielding similar numbers for IoT data (59% US; 58% global) and container data (58% US; 60% global).

Yet despite the healthcare industry’s growing interest in encryption, many organisations remain stubbornly focused on network and endpoint security. Network security is still the top choice for US healthcare spending by a wide margin (69%), compared to 53% of global respondents. Endpoint security, at 61%, isn’t far behind.

“While network and endpoint technologies are a required element of an organization’s IT security stance, they are increasingly less effective at keep external attacks at bay, and in securing cloud, big data, IoT and container deployments, which result in data being distributed, processed and stored outside corporate network boundaries,” the Report noted.

“Globally and in the US, healthcare companies are under pressure,” said Peter Galvin, VP of strategy, Thales e-Security. 

“In the US, digital innovation is transforming the way patient information is created, shared or stored. For healthcare data to remain safe from cyber exploitation, encryption strategies need to move beyond laptops and desktops to reflect a world of internet-connected heart-rate monitors, implantable defibrillators and insulin pumps. Adhering to the security status quo will create vulnerabilities that lead to breaches, and further erode customer trust.”

Healthcare organisations interested in improving their overall security postures should strongly consider: Deploying security tool sets that offer services-based deployments, platforms and automation; discovering and classifying the location of sensitive data, particularly within IoT and container environments; and leveraging encryption and bring-your-own-key (BYOK) technologies for the Cloud and other advanced environments.

Infosecurity

Stolen Health Records Flooding Dark Web Markets:

Healthcare Data Breaches In 2017 Will Get Worse:

 

« New Malware Hides In Memory
HSBC Appoints A Technology Advisory Board »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

NATO Cooperative Cyber Defence Centre (CCDCOE)

NATO Cooperative Cyber Defence Centre (CCDCOE)

NATO CCDCOE's mission is to enhance the capability, cooperation and information sharing among NATO, NATO nations and partners in cyber defence.

Guardian360

Guardian360

The Guardian360 platform offers unrivalled insight into the security of your applications and IT infrastructure.

Terranova Security

Terranova Security

Terranova is dedicated to providing information security awareness programs customized to your internal policies and procedures.

Total Cyber-Sec

Total Cyber-Sec

Total Cyber-Sec is a company specialized in providing Professional Information Security and Cybersecurity Services.

Magtech Solutions

Magtech Solutions

Magtech Solutions is a one-stop IT Solutions provider offering Cloud Computing, IT Security, Unified Email Solutions and ERP systems.

OcuCloud

OcuCloud

OcuCloud protects businesses' valuable information in the cloud, preventing security breaches caused by employees and remote vendors.

Veriff

Veriff

Veriff provides highly-automated identity-verification services that prevent fraud like nothing else on the market.

101 Blockchains

101 Blockchains

101 Blockchains is a professional and trusted provider of enterprise blockchain research and training.

Adit Ventures

Adit Ventures

Adit Ventures is a venture capital firm with a focus on dynamic growth sectors including AI & Machine Learning, Big Data, Cybersecurity and IoT.

RecoLabs (Reco)

RecoLabs (Reco)

Reco empowers organizations to discover their SaaS applications, identities, and data, control access and prevent the risk of exposure.

Obrela Security Industries

Obrela Security Industries

Obrela provides security analytics and risk management services to identify, analyze, predict and prevent highly sophisticated security threats in real time.

Elastio

Elastio

Elastio's cloud-native platform safeguards cloud data from the risks posed by ransomware, application failures and storage security vulnerabilities.

Finite State

Finite State

Finite State enables product security teams to protect the devices we rely on every day through market-leading software threat, vulnerability, and risk management.

SafeAeon

SafeAeon

SafeAeon is a leading Cybersecurity-as-a-Service provider, offering 24x7 premium Managed Security Services with AI-powered and Human-driven 24x7 SOC.

HeroDevs

HeroDevs

HeroDevs is the trusted leader in providing secure, long-term support for deprecated open-source software.

Blaze Networks

Blaze Networks

Blaze are a security-focused Managed Services Provider delivering communications and IT services to businesses across the UK.