On October 13, 2015, Trustwave released the findings of its 2015 Security Health Check Report which discloses that 91 percent of technical respondents believe criminals are increasingly targeting health care organizations. What makes this percentage an alarming number is the fact that less than 10 percent of the organizations’ IT budget is earmarked to combat cybercriminals, making their patients' highly sensitive information quite vulnerable.
It is estimated that the global electronic healthcare record (eHR) system will grow at an annual rate of 5.5 percent and reach $22.3 billion by the end of this year. This puts a great deal of information concerning patients at the fingertips of cybercriminals.
Trustwave, a privately held information security company that provides on demand threat, vulnerability and compliance management services and technologies, commissioned a third-party research firm to survey 398 full-time health care professionals. Respondents consisted of 198 technical and 200 non-technical personnel. The survey was deployed through emails and analyzed in September 2015.
The findings show that 79 percent of technical respondents and 77 percent of non-technical respondents are most concerned about losing patient data, above other types of information, if their organization is breached. However, over one third of technical respondents stated that vulnerability testing is only conducted once a year.
While, in reality, the number is much higher, only 23 percent of technical respondents believe that their organization has experienced a breach. The report shows that while three quarters of technical respondents are concerned about cyberattacks, there is neither enough staff, nor budget in place to successfully combat them.
Senior vice president of product and corporate marketing at Trustwave, Steve Kelley, stated "Today's health care industry is under attack. From hospitals to physicians to urgent care clinics, health care organizations are swimming in private data and must make security a priority in order to protect it. Security challenges are nothing new for any business but the level of distress exponentially increases when someone's life may actually depend on the protection of sensitive data."
Edited by
Kyle Piscioniere
