Healthcare Starts Spending Big On Cybersecurity

Over 80% of US healthcare organisations and 76% of global healthcare organisations will increase information security spending in 2017, reflective of a rapid transition to electronic health records and increasingly digitised personal health data.

The spending comes with the recognition that digitisation is a double-edged sword. According to the 2017 Thales Data Threat Report, Healthcare Edition, requirements in the US are driving healthcare organisations to digitise their data in a bid for greater efficiency.

However, modernisation comes at a hefty price: Individual healthcare data is exposed to more people, in more places and on more devices, including smartphones, laptops and increasingly, Internet of Things (IoT) devices. 

And in fact, the Report found that 60% of US healthcare respondents reported their organisation were deploying to Cloud, big data and IoT or container environments without adequate data security controls. 

Despite the risks that come from increased access points, 60% of US healthcare respondents reported their organisation were deploying to cloud, big data, and IoT or container environments without adequate data security controls. 

The healthcare industry is also adopting some of these technologies for sensitive data use wholesale, with 69% of US respondents leveraging SaaS, 59% big data, 46% mobile and 35% IoT environments.

The numbers may explain why 90% of US healthcare respondents feel vulnerable to data threats and why cybersecurity spending increases by US healthcare companies leads that of all other vertical markets surveyed, including the government and financial sectors.

Across the board, encryption is the technology of choice when it comes to protecting sensitive data residing within cloud, IoT and container environments. 

A full 65% of US healthcare respondents and 58% of global healthcare respondents opt to encrypt data in the public cloud, with the survey yielding similar numbers for IoT data (59% US; 58% global) and container data (58% US; 60% global).

Yet despite the healthcare industry’s growing interest in encryption, many organisations remain stubbornly focused on network and endpoint security. Network security is still the top choice for US healthcare spending by a wide margin (69%), compared to 53% of global respondents. Endpoint security, at 61%, isn’t far behind.

“While network and endpoint technologies are a required element of an organization’s IT security stance, they are increasingly less effective at keep external attacks at bay, and in securing cloud, big data, IoT and container deployments, which result in data being distributed, processed and stored outside corporate network boundaries,” the Report noted.

“Globally and in the US, healthcare companies are under pressure,” said Peter Galvin, VP of strategy, Thales e-Security. 

“In the US, digital innovation is transforming the way patient information is created, shared or stored. For healthcare data to remain safe from cyber exploitation, encryption strategies need to move beyond laptops and desktops to reflect a world of internet-connected heart-rate monitors, implantable defibrillators and insulin pumps. Adhering to the security status quo will create vulnerabilities that lead to breaches, and further erode customer trust.”

Healthcare organisations interested in improving their overall security postures should strongly consider: Deploying security tool sets that offer services-based deployments, platforms and automation; discovering and classifying the location of sensitive data, particularly within IoT and container environments; and leveraging encryption and bring-your-own-key (BYOK) technologies for the Cloud and other advanced environments.

Infosecurity

Stolen Health Records Flooding Dark Web Markets:

Healthcare Data Breaches In 2017 Will Get Worse:

 

« New Malware Hides In Memory
HSBC Appoints A Technology Advisory Board »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Leonardo

Leonardo

Leonardo (formerly Finmeccanica) is a global high-tech company in Aerospace, Defence, Security & Information Systems including Cybersecurity & ICT solutions.

Opengear

Opengear

Opengear ensures network resilience to enterprises by enabling business continuity with the Network Resilience Platform.

Asigra

Asigra

Asigra provides an industry leading cloud backup and recovery software platform called Asigra Cloud Backup.

Akheros

Akheros

Akheros develops cybersecurity learning algorithms which anticipate, detect and prevent offensive and incongruous behaviors of M2M interactions.

Entrust

Entrust

Entrust is a global leader in digital security, identities, payments, and data protection.

Assured Enterprises

Assured Enterprises

Assured Enterprises provides comprehensive cyber risk identification, management and mitigation across all platforms.

Cyber Base

Cyber Base

Cyber Base is an Information Technology company based in Uganda providing software and hardware solutions to clients.

Corelight

Corelight

Corelight is the most powerful network visibility solution for information security professionals.

Qmulos

Qmulos

Qmulos’ real-time continuous monitoring risk management suite, Q-Compliance, provides a massively flexible and scalable solution to optimizing operational security.

Secured Communications

Secured Communications

Secured Communications has developed the only unified secure communications platform trusted by public safety and counter terrorism professionals around the world.

Penten

Penten

Penten is an Australian-based cyber security company focused on innovation in secure mobility and applied AI (artificial intelligence).

Xiarch Solutions

Xiarch Solutions

Xiarch Security is an global security firm that educates clients, identifies security risks, informs intelligent business decisions, and enables you to reduce your attack surface.

e-Xpert Solutions

e-Xpert Solutions

e-Xpert Solutions is a company specialized in the Information Security field since 2001. Our skills are strong technical expertise and the development of tailor-made solutions.

Casepoint

Casepoint

Casepoint is the legal technology platform of choice for corporations, government agencies, and law firms to meet their complex eDiscovery, investigations, and compliance needs.

LegalByte

LegalByte

LegalByte is a leading provider of comprehensive legal and forensic services dedicated to addressing the complex challenges of the digital age.

Convergint

Convergint

Convergint is a service-based systems integrator working alongside a global network of partners and manufacturers to deliver a range of solutions including cybersecurity.