Healthcare firms had a nightmare of a year in 2020, not just as a result of the pandemic, but also due to an increasing volume of cyberattacks, ransomware campaigns and data theft.
A new report from cybersecurity vendor Netwrix claims healthcare organizations were targeted most frequently by phishing in the cloud (44 percent), ransomware (39 percent) and insider data theft (35 percent) last year.
Of the three, data theft was the toughest to spot. On average, it took more than half of organizations days, if not weeks, to discover their data had been stolen. For phishing and ransomware, discovery took “hours or less” in most cases.
After falling victim to a cyberattack, the biggest consequence is usually the unplanned expense needed to fix the security gaps, as cited by almost a quarter of the respondents (24 percent). Compliance fines and lawsuits were also listed as major headaches.
When asked what their biggest challenges to security were, most healthcare organizations cited limited budget, understaffing and employee behavior. To try and keep their data safe, they mostly opt for encryption, review of access rights and employee training.
Healthcare firms are increasingly reliant on the cloud, the Netwrix report concludes, with almost two thirds (61 percent) storing customer data in the cloud and more than half (54 percent) doing the same for personal health records.