More than Half of Healthcare Bodies Plan to Invest in Data Breach Protection
July 2017 by Netwrix Corporation
Netwrix Corporation, provider of a visibility platform for data security and risk mitigation in hybrid environments, announced findings in its 2017 IT Risks Report that show more than half (56%) of healthcare organizations plan to invest in security solutions to protect against data breaches.
The 2017 IT Risks in Healthcare data provide a deep look into IT security practices, pains, successful experiences and plans in the healthcare sector. The IT risks are divided into three areas: security, compliance and operations.
The survey’s other key findings for healthcare are:
• 95% of healthcare organizations do not use any software for information security governance or risk management.
• 68% of healthcare providers do not have a separate cybersecurity function.
• 56% of healthcare organizations perceive employees to be the biggest threat to system availability and security.
• 59% of healthcare organizations have had to deal with malware, and 47% of healthcare providers have had security incidents caused by human error.
• Only 31% of healthcare organizations claim to be well prepared to beat IT risks.
• The majority of healthcare organizations indicated lack of budget (75%), time (75%) and appropriate participation of senior management (44%) as the main obstacles to taking a more efficient approach towards management of cyber risks.
“While healthcare organizations continue to struggle with compliance and system availability, the security of electronic health records (EHR) remains their biggest concern by far. Despite the surge in malware attacks and the high price that healthcare records command on the black market, the healthcare industry still sees employees as the main threat to the security of their assets. Even though most employees do not have malicious intent, organizations need to gain visibility into user activity across the IT infrastructure,” said Michael Fimin, CEO and co-founder of Netwrix. “Having a clear understanding of what is going on in the environment will help them mitigate the risk of human errors, detect and investigate incidents faster, and, as a result, improve the security of their sensitive patient data.”