67% of healthcare organizations suffered a cybersecurity incident in the last 12 months

January 15, 2020
  • Almost half (48%) of incidents occurred as a result of introduction of viruses/malware from third party devices.
  • Other key causes of security incidents included employees sharing information with unauthorized recipients (39%), users not following protocol/data protection policies (37%), and malicious links in emails and on social media (28%).
  • Ransomware attacks such as WannaCry have had the biggest impact on IT spend and/or Trust board level involvement in cybersecurity.

15 January 2020, Theale, UK – New research by data security provider Clearswift, a HelpSystems Company, revealed that 67% of healthcare organizations have experienced a cybersecurity incident in the past year, highlighting the serious threat that data breaches and malicious attacks pose to the UK’s health-related data.

The research, which surveyed senior business decision makers within healthcare organizations across the UK, found that almost half (48%) of incidents within the sector occurred as a result of introduction of viruses or malware from third-party devices – including IoT devices and USB sticks. With investment in IoT within healthcare expected to continue growing throughout 2020, it is particularly important that the industry focuses on securing these devices.

In addition to this, the survey found that further causes of cybersecurity incidents within the healthcare sector included employees sharing information with unauthorized recipients (39%), users not following protocol/data protection policies (37%), and malicious links in emails and on social media (28%).

“The healthcare sector holds important patient data, so it is alarming to see such high numbers of security incidents occurring in the industry,” said Alyn Hockey, VP of Product Management, Clearswift, a HelpSystems Company. “The healthcare sector needs to securely share data across departments and organizations in order to facilitate excellent patient care. With the proliferation of third-party devices in this process, it’s more important than ever that the industry bolsters its cybersecurity efforts to reduce the risk of everything from unwanted data loss to malicious attacks and focusses on keeping patient data safe and secure.”

The number of security incidents are in stark contrast with further findings from the survey which revealed less than a quarter (24%) of respondents had an adequate level of budget allocated to cybersecurity. And seemingly, there is disparity between where budget is being spent and where it actually needs to be placed, with 46% of respondents revealing investment is put into database security, versus just 26% for endpoint security.

While there remains a need for additional budget to be allocated to cybersecurity across healthcare organizations, the data shows that a number of incidents have already made board members sit up and take note of the potential risks. 33% of those surveyed stated that ransomware attacks – such as the WannaCry incident that took place across the NHS in 2017 – have had the biggest impact on board level involvement and spend around cybersecurity. Further hacks that involved third-party data aggregator losses, such as the AMCA healthcare breach, were also identified by 29% of respondents as having influenced the level of spend and board involvement on the issue.

Hockey added: “Understanding what is threatening the safety of the critical data you hold is the first step in mitigating the risk. Therefore, cybersecurity strategies across healthcare organizations need to rapidly evolve to account for new threats against the sector. While many aspects of staying secure come from keeping employees trained to recognize threats, technology should play a key role in helping reduce the risks that come with innovation. It’s not a case of ‘if’, but ‘when’ an incident occurs so investment is required to ensure healthcare organizations are prepared for any type of threat.”

###

Notes to editors:

This research was conducted by technology research firm, Vanson Bourne, on behalf of Clearswift. 100 senior business decision makers from healthcare organizations in the UK were polled to map the attitudes of businesses and employees relating to cybersecurity.

For further information or to arrange a briefing please contact:

Niall Moran (on behalf of Clearswift)
niall.moran@aprilsixproof.com
0203 141 2989

 

About Clearswift

Clearswift, a HelpSystems Company, is trusted by critical national infrastructure organisations across the globe for advanced content threat protection and the highest level of defence against breaches through today’s digital communication channels. Clearswift technology supports a straightforward and ‘adaptive’ data loss prevention solution that gives teams the freedom to securely collaborate, whilst providing information security personnel with visibility and control of sensitive information flow.

 

Recent News

News
January 15, 2020

New research by data security provider Clearswift, a HelpSystems Company, revealed that 67% of healthcare organizations have experienced a cybersecurity incident in the past year, highlighting the serious threat that data breaches and malicious attacks pose to the UK’s health-related data.

News
December 12, 2019

HelpSystems today announced the latest release of Powertech SIEM Agent for IBM i. The new version provides enhanced flexibility to meet the demands of increasingly complex IT environments.

News
December 10, 2019

HelpSystems announced a new release of its award-winning secure managed file transfer (MFT) software GoAnywhere. The new version makes it easier for customers to share critical information around the world with their trading partners via more global EDI standards and broader language support.