A recent report reveals that more than a third of healthcare organisations are unprepared for cyberattacks, despite an apparent rise in such incidents. Over the past three years, over 30% of these organisations have faced cyberattacks. The HHS Office for Civil Rights has reported a 256% increase in large data breaches involving hacking over the last five years, highlighting the sector’s growing vulnerability.
Sensitive Data at High Risk
Healthcare organisations manage vast amounts of sensitive data, predominantly in digital form. This makes them prime targets for cybercriminals, especially since many operators have not sufficiently encrypted their data at rest or in transit. This lack of security is alarming, considering the high value of protected health information (PHI), which includes patient data, medical records, and insurance details. Such information is often sold on the dark web or used to ransom healthcare providers, forcing them to pay up to avoid losing critical patient data.
In response to the surge in cyberattacks, federal regulators and lawmakers have taken notice. The HHS recently released voluntary cybersecurity guidelines and is considering the introduction of enforceable standards to enhance the sector’s defences. However, experts stress that healthcare systems must take proactive measures, such as conducting regular risk analyses, to better prepare for potential threats. Notably, the report found that 37% of healthcare organisations lack a contingency plan for cyberattacks, even though half have experienced such incidents.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents