A new report has revealed that last year in the UK, 67% of healthcare organisations experienced a cyber security incident.
The findings, published by data security provider Clearswift, “highlight the serious threat that data breaches and malicious attacks pose to the UK’s health-related data”.
The survey revealed that almost half (48%) of incidents within the sector occurred as a result of introduction of viruses or malware from third-party devices, such as IoT devices or USB sticks,
Other factors in attacks on the health sector included the sharing of information with unauthorised recipients (39%), users failing to follow protocol or data protection policies (37%), and users clicking on malicious links in emails or on social media (28%), suggesting that user education in the industry is not being taken seriously either.
Despite the vulnerability within the sector to cyber attacks, the report also revealed that not even a quarter (24%) of respondents had an adequate level of budget allocated to cyber security.
Alyn Hockey, vice president of product management at Clearswift emphasised that “The healthcare sector holds important patient data, so it is alarming to see such high numbers of security incidents occurring in the industry.”
He went on to suggest that the healthcare sector needs to securely share data across departments and organisations “in order to facilitate excellent patient care.
“With the proliferation of third-party devices in this process, it’s more important than ever that the industry bolsters its cyber security efforts to reduce the risk of everything from unwanted data loss to malicious attacks and focusses on keeping patient data safe and secure.”
Back in 2017 the infamous WannaCry ransomware attack cost the NHS £92 million in cancelled appointments, after it shut down hundreds of thousands of computers around the world with messages from hackers demanding ransom payments.
33% of those surveyed said that attacks like this have had the biggest impact on board level involvement and spend around cyber security, while hacks that involved third-party data aggregator losses, such as the AMCA healthcare breach, were also identified by 29% of respondents as having influenced the level of spend and board involvement on the issue.
Many incidents are the result of human error, which can be mitigated by cyber security awareness training: that can also help mitigate the risk of ransomware attacks, along with other basics like maintaining secure backups. “Business resilience and business continuity planning are also crucial although response plans need to be tested and regularly reviewed,” the report said.
With thanks to PharmaTimes and Clearswift. The full story is here: http://www.pharmatimes.com/news/cyber_attacks_hit_more_than_half_of_healthcare_orgs_in_last_year_1322396
Free Phishing Security Test
Would your users fall for convincing phishing attacks? Take the first step now and find out before the bad guys do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.
Here’s how it works:
- Immediately start your test for up to 100 users (no need to talk to anyone)
- Select from 20+ languages and customise the phishing test template based on your environment
- Choose the landing page your users see after they click
- Show users which red flags they missed, or a 404 page
- Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
- See how your organisation compares to others in your industry
PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/phishing-security-test-partner?partnerid=001a000001lWEoJAAW