Managing Cyber Attacks in the Health Care Industry

The health care industry is more susceptible to cyber attacks than any other industry today.

The health care industry is more susceptible to cyber attacks than any other industry today. Recent research by Raytheon/Websense found some startling trends. Compared to other industries, healthcare is:

  • 200% more likely to encounter data theft
  • 340% more likely to be the target of security incidents and attacks
  • 400% more likely to be impacted by advanced malware
  • 74% more likely to be impacted by phishing schemes[1]

KPMG found that 81% of health care executives reported that their organizations were hit by malware, botnets, and cyber attacks at least once in the past two years[2]. The most common threats to healthcare include:

  • External hackers (65%)
  • Sharing data with third-parties (48%)
  • Employee breaches/theft (35%)
  • Wireless computing (35%)
  • Inadequate firewall (27%)2

This doesn’t come as a surprise. Considering that electronic health care record (EHR) systems have only recently been implemented, organizations don’t necessarily have the proper data protection best practices in place. Combine that with high-value health care data, this industry is a breeding ground for cybercriminals.

“After seeing their peers and competitors breached, health care organizationsunderstand that now is the time to take steps to defend their organizations from top to bottom.”

Recent media coverage of high-profile incidents has encouraged discussions of enterprise security amongst board members. As one analyst remarks, “After seeing their peers and competitors breached, health care organizations understand that now is the time to take steps to defend their organizations from top to bottom.”[3] As a result, health care organizations need to come up with security measures – early threat detection, user education, and breach responses3 – from the get-go, rather than dealing with the aftermath of cyber attacks.

Leveraging your DNS infrastructure is a good place for additional layers of protection. DNS is the starting point for connectivity and is used by all devices to connect to sites and applications. Creating a DNS firewall can help block malicious activities before they reach critical applications and services.

Read the full article: Health Care Industry Susceptible to Cyber Attacks. [1] WEBSENSE® 2015 THREAT REPORT, Ratheon | Websense http://www.websense.com/content/2015-healthcare-industry-drilldown.aspx?cmpid=pr
[2] http://advisory.kpmg.us/content/dam/kpmg-advisory/PDFs/ManagementConsulting/2015/KPMG-2015-Cyber-Healthcare-Survey.pdf
[3] WEBSENSE® 2015 THREAT REPORT, Ratheon | Websense http://www.websense.com/content/2015-healthcare-industry-drilldown.aspx?cmpid=pr

Critical conversations on critical infrastructure

Find out how your peers are managing their networks through profound change. Watch this series of live interactive discussions with IT pros & join the debate in Slack.

Join the conversation

Read more

SUNBURST/Solorigate Situation Briefing

BlueCat leaders discuss how the malware attack via SolarWind’s Orion platform exploited DNS and how BlueCat Edge could have helped to detect it.

Read more
Yes, IT should see what developers do in the cloud

Errors and outages occur when admins lack visibility into DNS and IP allocation in the cloud. With Bluecat, central DDI visibility is within reach.

Read more
Customer situation brief on SUNBURST/Solorigate

Learn more about the attack via the SolarWinds Orion platform and how BlueCat products use DNS to help protect customers against compromises like it.

Read more
On the road to platform hardening, consider a STIG

Security Technical Implementation Guides standardize security configuration on networks, servers, and devices. BlueCat uses them and you can, too.

Read more