July 19, 2017
Save the date for Connect Healthcare on November 8 – a national event at the Andaz Scottsdale Resort & Spa. More details coming soon.
If you think hackers are the biggest threat to healthcare organizations, you’re wrong. Employees are, according to the healthcare IT specialists surveyed in the Netwrix 2017 IT Risks Report.
Healthcare tops the list of industries that are the most vulnerable to cyber threats. According to Netwrix’s annual report, 56% of healthcare organizations think their employees pose bigger threats to data and system security than anyone else.
Over the past 18 months, several malware attacks have brought companies, both large and small, to their knees. Healthcare organizations have not been immune to malware attacks, which typically penetrate networks due to employees’ negligence (e.g. opening attachments or clicking on links). Overall, 59% of healthcare organizations say they’ve had to deal with malware attacks, with human error being the second most common cause of security incidents.
Surprisingly, 95% of organizations do not use any software for information security governance or risk management, and 68% of healthcare providers do not have a separate cybersecurity function. That means the internal IT departments are responsible for keeping networks and data secure. Only 31% of healthcare organizations claim to be well prepared to beat IT risks, but 56% plan to invest in security solutions to protect against data breach.
Healthcare IT people say lack of budget and time are the main obstacles in creating more effective cybersecurity programs. But lack of participation from senior management is also a problem.
“While healthcare organizations continue to struggle with compliance and system availability, the security of electronic health records (EHR) remains their biggest concern by far,” says Michael Fimin, CEO and co-founder of Netwrix. “Even though most employees do not have malicious intent, organizations need to gain visibility into user activity across the IT infrastructure.”
For questions, comments or concerns, please contact Jennifer Duell Popovec