Healthcare Starts Spending Big On Cybersecurity

Uploaded on 2017-03-22 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Health & Welfare

Over 80% of US healthcare organisations and 76% of global healthcare organisations will increase information security spending in 2017, reflective of a rapid transition to electronic health records and increasingly digitised personal health data.

The spending comes with the recognition that digitisation is a double-edged sword. According to the 2017 Thales Data Threat Report, Healthcare Edition, requirements in the US are driving healthcare organisations to digitise their data in a bid for greater efficiency.

However, modernisation comes at a hefty price: Individual healthcare data is exposed to more people, in more places and on more devices, including smartphones, laptops and increasingly, Internet of Things (IoT) devices. 

And in fact, the Report found that 60% of US healthcare respondents reported their organisation were deploying to Cloud, big data and IoT or container environments without adequate data security controls. 

Despite the risks that come from increased access points, 60% of US healthcare respondents reported their organisation were deploying to cloud, big data, and IoT or container environments without adequate data security controls. 

The healthcare industry is also adopting some of these technologies for sensitive data use wholesale, with 69% of US respondents leveraging SaaS, 59% big data, 46% mobile and 35% IoT environments.

The numbers may explain why 90% of US healthcare respondents feel vulnerable to data threats and why cybersecurity spending increases by US healthcare companies leads that of all other vertical markets surveyed, including the government and financial sectors.

Across the board, encryption is the technology of choice when it comes to protecting sensitive data residing within cloud, IoT and container environments. 

A full 65% of US healthcare respondents and 58% of global healthcare respondents opt to encrypt data in the public cloud, with the survey yielding similar numbers for IoT data (59% US; 58% global) and container data (58% US; 60% global).

Yet despite the healthcare industry’s growing interest in encryption, many organisations remain stubbornly focused on network and endpoint security. Network security is still the top choice for US healthcare spending by a wide margin (69%), compared to 53% of global respondents. Endpoint security, at 61%, isn’t far behind.

“While network and endpoint technologies are a required element of an organization’s IT security stance, they are increasingly less effective at keep external attacks at bay, and in securing cloud, big data, IoT and container deployments, which result in data being distributed, processed and stored outside corporate network boundaries,” the Report noted.

“Globally and in the US, healthcare companies are under pressure,” said Peter Galvin, VP of strategy, Thales e-Security. 

“In the US, digital innovation is transforming the way patient information is created, shared or stored. For healthcare data to remain safe from cyber exploitation, encryption strategies need to move beyond laptops and desktops to reflect a world of internet-connected heart-rate monitors, implantable defibrillators and insulin pumps. Adhering to the security status quo will create vulnerabilities that lead to breaches, and further erode customer trust.”

Healthcare organisations interested in improving their overall security postures should strongly consider: Deploying security tool sets that offer services-based deployments, platforms and automation; discovering and classifying the location of sensitive data, particularly within IoT and container environments; and leveraging encryption and bring-your-own-key (BYOK) technologies for the Cloud and other advanced environments.

Infosecurity

Stolen Health Records Flooding Dark Web Markets:

Healthcare Data Breaches In 2017 Will Get Worse:

 

« New Malware Hides In Memory
HSBC Appoints A Technology Advisory Board »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Navista

Navista

Navista's hardware and software modules are especially designed to ease the deployment of secure networks.

Telos

Telos

Telos offers cybersecurity solutions and services that empower and protect the world’s most security-conscious enterprises.

Equilibrium Security Services

Equilibrium Security Services

Equilibrium Security Services is a specialist cyber security company providing a full spectrum of IT security solutions from consultancy to design & implementation and managed security services.

HvS Consulting

HvS Consulting

HvS Consulting is a specialist information security company offering a full range of services including IT security architecture, ISO 27001 audits, Pentesting, Security monitoring and Training.

TrainACE

TrainACE

TrainACE, is a professional computer training school offering courses in information technology with a focus on Advanced Security training.

Trinity Cyber

Trinity Cyber

Trinity Cyber’s patent-pending technology stops attacks before they reach internal networks,reducing risk and increasing cost to adversaries.

Evanston Technology Partners (ETP)

Evanston Technology Partners (ETP)

ETP provides services and solutions to enable and transform businesses in the areas of cybersecurity, data protection, and efficient operations practices.

Vivitec

Vivitec

Vivitec security services are tailored for your business, industry, risk, technology, and size to ensure great protection and planned response for the inevitable cyber-attacks on your business.

Quantinuum

Quantinuum

Quantinuum is the combination of Cambridge Quantum with Honeywell Quantum Solutions, structured to drive the future of quantum computing.

Execweb

Execweb

Execweb are a cybersecurity executive network, comprised of 400+ security practitioners who work at Fortune 500 and SME companies.

Flotek

Flotek

Flotek is an IT & Comms service provider delivering SMEs with trusted, innovative and cost effective cloud technology, with confidence, clarity and clout.

FTI Consulting

FTI Consulting

FTI Consulting is a global business advisory firm dedicated to helping organizations manage change, mitigate risk and resolve disputes.

Lineaje

Lineaje

Lineaje solves critical Software Supply Chain security problems faced by every organization that builds, uses or sells software.

FearsOff

FearsOff

FearsOff is a global information security company serving clients worldwide. White hat operators with a black hat mindset to emulate real world attacks and everchanging threat vectors.

Hive Systems

Hive Systems

Hive Systems specialize in tailored solutions that unify risk assessments, IT, security awareness, and cybersecurity operations for businesses of all sizes.

REAL Security

REAL Security

REAL Security is a market leader across the Adriatic region in value-added distribution in the field of IT Security & virtualisation.