The State Of Cyber Security In Healthcare

Fortified Health Security have released its mid year 2021 Horizon Report with detailed findings that illustrate how healthcare providers, health plans and business associates are being affected by cyber security threats. These come from bad actors in the first half of 2021 and what security measures healthcare organisations should implement to combat these high-profile threats.
 
The Report leverages a comprehensive cross-section of information, expertise and statistical analysis to highlight industry-wide trends, insights and predictions. 
 
Horizon Reports have been published by Fortified Health Security since 2017 and are designed to help healthcare stakeholders navigate the exceedingly complex cybersecurity landscape by sharing best practices and actionable guidance.

Significant Findings From The 2021 Mid-Year Horizon Report:

  • The number of breaches reported to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) in the first six months of 2021 increased by 27% over the same period in 2020.
  • The total number of affected individuals skyrocketed more than 185%, from 8 million individuals in the first six months of 2020 to 22.8 million affected individuals in the first six months of 2021.
  • Healthcare providers continue to account for the most breaches, 73% of the total, with health plans accounting for 16% and business associates 11%.
  • Malicious attacks were the No. 1 cause of breaches for the fifth consecutive year, and for three years running, malicious attacks accounted for 73% of all breaches.
“Now as the healthcare industry gets some breathing room from the pandemic, another one is surging, cyber attacks,” said Dan L. Dodson, CEO of Fortified Health Security. “The attacks on our nation’s critical infrastructures which includes our hospital systems, has resulted in government agencies showing a renewed focus on cybersecurity... This has helped move cyber security to the forefront of many boardroom discussions. We, as healthcare leaders, must seize this opportunity to educate and inform stakeholders on the current cybersecurity threat landscape and the actions needed to combat these attacks.”
 
The pandemic forced many healthcare organisations, along with other industry segments, to establish remote work environments for non-patient-facing workers, leading employees to transform bedrooms and kitchens into home-office spaces. As a result, the prevalence of a remote workforce expanded the attack surface that cyber security teams in virtually all industries had to protect, as private records and data moved outside their facilities. 

According to the Report:

  • The widespread SolarWinds attack alone potentially affected 18,000 companies, including 400 of the Fortune 500 and the US Department of Homeland Security.
  • Cybercrime is expected to inflict $6 trillion in global damages this year, a figure predicted to climb to $10.5 trillion by 2025.
As healthcare organisations continue to respond to the pandemic, cyber criminals have continued to persist in their attacks on providers, health plans and business associates compromising sensitive patient data, while impacting the delivery of care to patients.
 
Horizon Healthcare Reort Series
 
You Might Also Read: 
 
How To Prevent Healthcare Data Breaches:
 
 
« Heads Of State On NSO Spyware List
Military Intelligence: British Army Operation Using AI »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Arsenal Insurance Company

Arsenal Insurance Company

Arsenal is an insurance provider based in Moscow, Russia. Services offered include Cyber Risk insurance.

Menlo Security

Menlo Security

Menlo Security protects organizations from cyberattacks by eliminating the threat of malware from the web, documents, and email.

Global Information Assurance Certification (GIAC)

Global Information Assurance Certification (GIAC)

GIAC provides certification in the knowledge and skills necessary for a practitioner in key areas of computer, information and software security.

EY Advisory

EY Advisory

EY is a multinational professional services firm headquartered in the UK. EY Advisory service areas include Cybersecurity.

Sasa Software

Sasa Software

Sasa Software is a cybersecurity software developer specializing in the prevention of file-based network attacks.

Healthcare Fraud Shield (HCFS)

Healthcare Fraud Shield (HCFS)

The focus of Healthcare Fraud Shield is solely on healthcare fraud prevention and payment integrity with a successful approach based on many unique advantages we deliver to our clients.

AXELOS

AXELOS

AXELOS develops best practice frameworks and methodologies used globally by professionals working primarily in IT management and cyber resilience.

CyberHunter Solutions

CyberHunter Solutions

CyberHunter is a leading website security company that provides penetration testing, Network Vulnerability Assessments, cyber security consulting services to prevent cyber attacks.

NTT Group

NTT Group

NTT offers agile, scalable technology services to bring it all together seamlessly, securely, and sustainably. We help you adopt a holistic security approach across your network, clouds, applications.

Netgo

Netgo

Netgo group meet the requirements of a complex, digitized world with IT consulting, IT solutions & services, managed & cloud services and software products & development.

Bosch Global Software Technologies (BGSW)

Bosch Global Software Technologies (BGSW)

Bosch Global Software Technologies offer an advanced innovation for AI security. The Bosch AIShield is the definite answer to safeguard your business against model extraction attacks.

Nasuni

Nasuni

The Nasuni File Data Platform offers the protection, detection, and recovery of file shares from ransomware attacks or random disasters within minutes.

Quod Orbis

Quod Orbis

Quod Orbis are a fast-growing, innovative company providing market-leading expertise in cyber security and Continuous Controls Monitoring (CCM).

KBE Information Security

KBE Information Security

KBE is a global consulting firm, with offices in Toronto and Milan, which specializes in the area of IT and information security with over 20 years of experience.

Jersey Cyber Security Centre (JCSC)

Jersey Cyber Security Centre (JCSC)

Jersey Cyber Security Centre is the jurisdiction's Cyber Emergency Response Team (CERT) and national technical authority for cyber security.

Hydden

Hydden

Hydden gives security teams the ability to create a solid foundation to build a truly next-gen identity security practice by bridging the gaps between siloed teams and technologies.