As medical technology evolves, cyberattack vectors increase.
With news of killware attacks jeopardizing physical safety through Internet of Things (IoT) devices, healthcare cybersecurity leaders must remain on high alert when it comes to defending against threats.
The 2021 Healthcare Data Breach Trend Report from Protected Harbor gives insight into evolving healthcare data breach patterns, predictive threats for 2022, and a playbook on how to increase information technology (IT) durability to stop future healthcare data attacks.
“Due to the financial value of patient health information, electronic health records stored in healthcare organizations are a major target for cybercriminals,” said Richard Luna, CEO of Protected Harbor. “Attacks and exploits are evolving every day, becoming more sophisticated and carrying more devastating payloads. Protections must be implemented at every layer of a system.”
The report included statistics from 686 security breaches of 500 or more healthcare records, as reported by the U.S. Department of Health & Human Services Office of Civil Rights (OCR). The results showed that 74% of all healthcare data breaches are from hacking and IT incidents, attributed to understaffed healthcare IT departments, legacy technologies not configured properly for new medical technology, and a lack of interoperability standards.
The report identified the following top cybersecurity threats for healthcare security leaders to watch:
- IoT-connected medical devices
- Mobile health & telehealth technologies
- The Cures Act & remote patient access
- Understaffed & underfunded IT departments
- Lack of employee security training
Improving healthcare cybersecurity and network architecture will harden healthcare infrastructure, increase application durability, decrease overall costs, and increase public trust. The report also identified the following data protection suggestions for healthcare cybersecurity teams:
- Fast healthcare interoperability resource standards
- Multi-factor authentication
- Mobile device security strategy
- Isolated and validated backups
- Integration of managed service teams
For more detailed results, download the report here.