Vulnerabilities in Healthcare Cybersecurity are Putting Personal Information at Risk
Hikvision Covers Healthcare Cybersecurity Concerns and Vulnerabilities in Related Blog
Healthcare organizations handle sensitive information for millions of people. When COVID-19 began inundating health systems in 2020, cybercriminals took notice. With data theft and ransomware attacks on the rise, finding and fixing cybersecurity vulnerabilities in these organizations is critical. Healthcare industry threats are covered in detail in the Security magazine article, “The insider risk within healthcare.”
The story covers findings from the Varonis’ 2021 Healthcare Data Risk Report, which analyzed more than three billion files across 58 organizations that included biotech companies, pharmaceutical firms, and hospitals. The report found that every employee has access to an average of 11 million files—almost 20 percent of an organization’s total files. In smaller and mid-sized companies, employees have access to nearly a quarter of all files.
Other findings from the report included:
- Around two-thirds of organizations have 500+ accounts with passwords that never expire.
- On average 31,000 sensitive files are available and accessible by healthcare employees.
- Over half of organizations have more than 1,000 sensitive files open to every employee.
- The average cost of a data breach for a healthcare organization was $7.13 million in 2020.
“To get in front of increasingly malicious and sophisticated cyberattacks, hospitals, pharmaceutical companies, and biotechs need to double down on maturing incident response procedures and mitigation efforts. Enforcing least privilege, locking down sensitive data, and restricting lateral movement in their environments are the absolute bare minimum precautionary measures that healthcare organizations need to take.”
Hikvision covered vulnerabilities and cybersecurity concerns in healthcare in a related blog post. You can find it here: “Security Concerns in Healthcare Cybersecurity Practices.”