Cyber-security breaches at 67 percent of healthcare organisations last year
A survey has found that a large portion of healthcare organisations in the UK experienced cyber-security incidents last year, which were mostly due to employees sharing data.
According to new research, in the last 12 months, 67 percent of healthcare organisations in the UK suffered a cyber-security incident.
The data was compiled by Clearswift, which surveyed senior business decision makers within healthcare organisations.
The findings revealed that 48 percent of incidents occurred as a result of viruses or malware from third-party devices, such as Internet of Things (IoT) devices or USB sticks.
A key cause for incidents included employees sharing information with unauthorised recipients, at 39 percent, with 37 percent as a result of users not following data protocol or protection policies. Malicious links in emails and on social media were the root of 28 percent of security incidents.
The report also highlights that Ransomware attacks have the biggest impact on IT spend and/or Trust board level involvement in cyber-security.
“The healthcare sector holds important patient data, so it is alarming to see such high numbers of security incidents occurring in the industry,” said Alyn Hockey, VP of Product Management, Clearswift. “The healthcare sector needs to securely share data across departments and organisations in order to facilitate excellent patient care. With the proliferation of third-party devices in this process, it’s more important than ever that the industry bolsters its cyber-security efforts to reduce the risk of everything from unwanted data loss to malicious attacks and focusses on keeping patient data safe and secure.”
A key cause for incidents included employees sharing information with unauthorised recipients”
A further finding from the survey showed that only 24 percent of respondents had an adequate level of budget allocated to cyber-security. Additionally, there was a disparity between where budget is spent and where it is required, with 46 percent of respondents revealing investment is put into database security, versus just 26 percent for endpoint security.
Hockey added: “Understanding what is threatening the safety of the critical data you hold is the first step in mitigating the risk. Therefore, cyber-security strategies across healthcare organisations need to rapidly evolve to account for new threats against the sector.”