New statistics have been published detailing the significant toll cyberattacks and data breaches are having on the healthcare industry in the form of $4 billion in 2019 alone.
The research comes courtesy of Black Book Market Research, who surveyed more than 2,800 security professionals from 733 provider organisations to “identify gaps, vulnerabilities and deficiencies that persis in keeping hospitals and physicians proverbial sitting ducks from data breaches and cyberattacks,” according to a release published from Black Book Mark Research.
“Healthcare providers continued to be the most targeted organizations for industry cybersecurity breaches with nearly 4 out of 5 breaches.”
Amongst its key findings are the dramatic revelations that by the year’s end, data breaches would have cost the healthcare industry more than $4 billion, and while IT budgets have increased around 6% year-on-year, actual cybersecurity spend has decreased from 2018, and 92% of the organisations that responded lack full-time cybersecurity staff.
“It’s becoming increasingly difficult for hospitals to find the dollars to invest in an area that does not produce revenue.” Doug Brown.
According to BlackBook, “over 93% of healthcare organizations have experienced a data breach since Q3 2016, and 57% have had more than five data breaches during the same timeframe. Not only has the number of attacks increased; more than 300 million records have been stolen since 2015, affecting about one in every 10 healthcare consumers.”
“Thus far in 2019, healthcare providers continued to be the most targeted organizations for industry cybersecurity breaches with nearly 4 out of 5 breaches, whereas successful attacks on health insurers and plans maintained with more sophisticated security solutions with little change year to year. Over half of all provider breaches were caused by external hacking.”
“96% of IT professionals agreed that data attackers are outpacing their medical enterprises”
“Cybersecurity is a newer line item for hospitals and physician enterprises and budgets have not evolved to cover the true scope of human capital and technology requirements yet,”
Doug Brown, founder of Black Book said. “It’s becoming increasingly difficult for hospitals to find the dollars to invest in an area that does not produce revenue,” he added.
“Healthcare organisations are also more prone to attacks than other industries because they persist at managing through breaches reactively and not proactively.”
Blackbook has put the estimated cost of a data breach averages out to around $423 per record; considering that each organisation has tens of thousands of records housed at a time, this cost can blow out into the hundreds of thousands, even millions at a time.
“The key place to start when choosing a cybersecurity vendor is to understand your threat landscape, understanding the type of services vendors offer and comparing that to you organisation’s risk framework,” Brown said. “Healthcare organisations are also more prone to attacks than other industries because they persist at managing through breaches reactively and not proactively.”
“Cybersecurity risks are not at the forefront of executives’ minds,” Brown added. “Medical and financial leaders also wield more influence over orgnanisational budgets making it difficult for IT management to implement needed cybersecurity practices despite the existing environment.”