Cybersecurity firm Keeper Security revealed that nearly two-thirds of global healthcare organizations suffered a cyberattack in their lifetime, while 53% were attacked within the last 12 months. Keeper, in its report “2019 Global State of Cybersecurity in Small and Medium-Sized Businesses”, revealed that data breaches in healthcare resulted in an average of 7,202 patient and employee records lost or stolen. The most commonly reported types of attacks were phishing (68%), malware (41%) and web-based attacks (40%), according to the report.
Keeper Security provides cybersecurity platform for enterprises to prevent password-related data breaches and cyberthreats. The findings are based on the responses from 2,391 IT security practitioners in the U.S., U.K., and regions like DACH, Benelux and Scandinavia. The respondents also indicated they lack security resources to defend themselves from cyberattacks. Only one-third of healthcare organizations believe they have sufficient budget to support strong IT security and 87% said they don’t have the personnel needed to achieve a more effective cybersecurity posture.
Other highlights from the report include:
- 66% of healthcare providers agree that passwords are an important part of cybersecurity prevention, yet over half don’t have visibility into their employees’ password practices
- Less than half of those surveyed have a plan for responding to an attack
- 90% of healthcare organizations dedicate less than 20% of their IT budget to cybersecurity, with an average allocation of 13%
Darren Guccione, CEO and Co-Founder of Keeper Security, said, “Electronic health records are some of the most lucrative documents on the dark web, so it’s not surprising that the healthcare industry is highly-targeted by cybercriminals. While the majority of healthcare organizations have already experienced a cyberattack, this research shows the industry still doesn’t have the necessary resources and budget allocated to preventing and responding to major data breaches. Patients depend on providers to protect their sensitive health information and moreover, their lives via connected medical devices. Therefore, it’s critical that cybersecurity become a top priority in healthcare.”