New research by Clearswift has found that 67% of healthcare organisations have experienced a cyber security incident in the past twelve months.
The research surveyed senior business decision makers within healthcare organisations across the UK, to which it was found that just under half of security incidents (48%) occurred as a result of introduction of viruses or malware from third-party devices, including USB sticks and IoT devices.
Other causes of cyber security incidents within the healthcare sector included employees sharing information with unauthorised recipients (39%), users not following protocol (37%), and malicious links within emails and on social media (28%).
“The healthcare sector holds important patient data, so it is alarming to see such high numbers of security incidents occurring in the industry,” said Alyn Hockey, VP of Product Management, Clearswift, a HelpSystems Company.
“The healthcare sector needs to securely share data across departments and organisations in order to facilitate excellent patient care. With the proliferation of third-party devices in this process, it’s more important than ever that the industry bolsters its cyber security efforts to reduce the risk of everything from unwanted data loss to malicious attacks and focusses on keeping patient data safe and secure.”
Despite the high number of incidents observed within healthcare organisations, only 24% of respondents revealed that they had adequate levels of budget allocated to security.
In addition, there is a clear disparity between where the budget is being spent and where it needs to be placed, to which 46% of respondents said that investment was being spent into database security, whilst 26% said they were investing into endpoint security.
“Understanding what is threatening the safety of the critical data you hold is the first step in mitigating the risk. Therefore, cyber security strategies across healthcare organisations need to rapidly evolve to account for new threats against the sector.
“While many aspects of staying secure come from keeping employees trained to recognise threats, technology should play a key role in helping reduce the risks that come with innovation. It’s not a case of ‘if’, but ‘when’ an incident occurs so investment is required to ensure healthcare organisations are prepared for any type of threat.”
The post #Privacy: Research reveals the serious threat against UK health-related data appeared first on PrivSec Report.