A new report reveals the healthcare industry is lacking in basic security awareness among its staff, which can jeopardize entire medical infrastructures.
The healthcare cybersecurity report was released by SecurityScorecard, a security rating and continuous risk monitoring platform.
The 2016 Healthcare Industry Cybersecurity Report found that network security, IP reputation, and patching cadence are healthcare's biggest struggles.
The study also exposes a risk of attacks through social engineering. "Security breaches in this industry pose devastating consequences because they can render an entire system or network inoperable, creating a life or death situation that needs immediate attention," reports StreetInsider.com.
"The low social engineering scores (15th out of 18) among a multitude of healthcare organizations show that security awareness and employee training are likely not sufficient," says Alex Heid, Chief Research Officer at SecurityScorecard. "Security is only as strong as the weakest link, and employees are often the lowest-hanging fruit when it comes to phishing, spear phishing, and other Social Engineering attacks. For a hacker, it only takes one piece of information such as learning the email structure of an organization to exploit an employee into divulging sensitive information or providing an access point into that organization's network."
Among the report's key findings are:
- Over 75% of the entire healthcare industry has been infected with malware over the last year
- 96% of all ransomware targeted medical treatment centers
- Healthcare manufacturing nearly reaches a 90% malware infection rate
- 63% of the 27 Biggest US Hospitals have a C or lower in Patching Cadence, which measures an organization's ability to implement security software patches in a timely fashion
- Healthcare has the 5th highest count of ransomware among all industries
- Over 50% of the healthcare industry has a network security score of a C or lower
Healthcare providers who are serious about securing their practices can download TekLinks' free Ultimate Guide to Data Security or contact TekLinks at email@example.com. Our IT experts support clinical systems that collectively serve more than 1 million patients each year.
WHO IS TEKLINKS? A national leader in cloud computing, managed services, engineering services, and value-added resale. We’re a team of expert techies and business professionals who are passionate about building valuable relationships and getting things done right. Simply put: We make IT work for business.