A report from the Ponemon Institute illustrates the financial and patient safety impacts of cyber insecurity in healthcare, urging organizations to strengthen their cybersecurity measures and address insider threats. The report includes recent statistics regarding ransomware attacks, BEC and spoofing incidents, and more.
The threat landscape
Healthcare organizations currently face many cybersecurity challenges, including ransomware, business email compromise (BEC) tactics, cloud computing vulnerabilities, and supply chain risks. According to the Ponemon Institute:
- 88% of healthcare organizations surveyed experienced at least one cyber attack within the past year, with an average of 40 incidents per organization.
- Ransomware attacks afflicted 54% of respondents, each averaging four incidents over the past two years.
- Business email compromise (BEC) and spoofing phishing incidents have surged, impacting 54% of organizations, with an average of five attacks in the same period.
- Supply chain attacks have affected 64% of respondents, with an average of four incidents in the past two years.
Cyber attacks and patient care
Cyber attacks in healthcare bring more than just financial losses; they also threaten patient safety and disrupt care, a risk no organization can overlook. Ponemon Institute found that:
- 77% of respondents whose organizations experienced supply chain attacks reported disruptions to patient care operations, a substantial increase from the previous year.
- 69% of those affected by BEC/spoofing phishing incidents acknowledged disruptions in patient care, with 71% citing delays in procedures and tests that resulted in poor outcomes.
- Ransomware attacks have proven equally detrimental, with 68% of affected organizations reporting negative impacts on patient care, including longer hospital stays and increased complications from medical procedures.
- Even cloud compromises, often perceived as less severe, have had far-reaching consequences, with 49% of affected organizations reporting disruptions to patient care operations.
The financial burden
Cyber attacks are financially draining for healthcare organizations, with the cost of the most expensive attack in the past year averaging $4.9 million. This includes direct expenses, labor, indirect costs, and lost business opportunities.
- Disruptions to normal healthcare operations due to system availability problems emerged as the most severe financial consequence, averaging $1.3 million, a 30% increase from the previous year.
- The cost of users' idle time and lost productivity due to downtime or system performance delays amounted to $1.1 million.
- Ensuring the impact on patient care was corrected incurred an average cost of $1 million, a substantial 50% increase compared to the previous year.
Data loss and exfiltration
Data breaches in healthcare can have severe consequences, and every organization surveyed reported at least one incident of data loss or theft involving sensitive patient information in the past two years, with an average of 19 incidents per organization.
- Malicious insiders emerged as the primary culprit, accounting for 32% of data loss and exfiltration incidents, followed closely by accidental data loss at 27%.
- 43% of respondents acknowledged that these incidents disrupted patient care operations, with 46% reporting an increase in mortality rates and 38% citing an escalation in complications from medical procedures.
Addressing the insider threat
While external cyber threats draw attention, insider risks—both malicious and accidental—are equally concerning. Malicious insiders were the leading cause of data loss and exfiltration, indicating the need for strong access controls and employee monitoring.
- Only 32% of respondents felt prepared to prevent and respond to threats from malicious insiders, a concerning statistic given the potential consequences.
- Accidental data loss, often resulting from employee negligence or lack of awareness, accounted for 27% of data loss and exfiltration incidents.
- 47% of respondents expressed concern that employees do not fully comprehend the sensitivity and confidentiality of the data they share via email.
Recommendations and best practices
To tackle the challenges of cyber threats and improve patient safety, healthcare organizations should adopt a proactive approach to cybersecurity. Here are some recommendations and best practices to consider:
- Conduct risk assessments: Regularly assess and identify potential vulnerabilities within the organization's systems, processes, and infrastructure to develop targeted mitigation strategies.
- Invest in advanced security technologies: Use advanced security technologies such as next-generation firewalls, intrusion detection and prevention systems, data loss prevention solutions, and cloud access security brokers to enhance protection.
- Foster a culture of cyber awareness: Prioritize security awareness training and education for all employees.
- Develop incident response and business continuity plans: Establish incident response and business continuity plans to minimize the impact of cyberattacks and ensure the continuity of healthcare operations.
- Strengthen vendor and supply chain security: Implement vendor risk management processes and supply chain security measures to mitigate the risks associated with third-party vulnerabilities.
- Collaborate and share intelligence: Participate in industry-wide information-sharing initiatives and collaborate with cybersecurity agencies, law enforcement, and other healthcare organizations to stay informed about emerging threats and best practices.
How Paubox can strengthen an organization’s cybersecurity
Paubox Email Suite keeps all emails HIPAA compliant through TLS 1.2 and TLS 1.3 encryption. The premium plan also has email data loss prevention (DLP), which stops employees from sending sensitive information to people outside of their network. Paubox is dedicated to ensuring the highest level of cybersecurity for healthcare providers, with all their products HITRUST CSF certified.
FAQs
What is cybersecurity and how does it relate to healthcare security?
Cybersecurity involves protecting computer systems, networks, and data from digital attacks, unauthorized access, and damage. In healthcare, it is necessary to safeguard protected health information (PHI) and electronic protected health information (ePHI). Effective measures help keep sensitive patient data confidential, secure, and compliant with HIPAA regulations.
Why is cybersecurity important for HIPAA compliance?
Cybersecurity is beneficial for HIPAA compliance because it helps protect PHI from breaches and unauthorized access, which are central to maintaining patient privacy and confidentiality. By implementing strong cybersecurity practices, healthcare organizations can prevent data breaches, avoid fines, and meet HIPAA’s security and privacy requirements.
What are the potential risks associated with inadequate cybersecurity under HIPAA?
- Data breaches: Unauthorized access to ePHI, leading to exposure of sensitive patient information and violating HIPAA.
- Non-compliance penalties: Fines and legal consequences for failing to implement sufficient security measures.
- Financial losses: Costs related to breach remediation, legal fees, and potential settlements with affected individuals.
- Reputational damage: Loss of trust from patients, partners, and the public due to the organization’s failure to protect sensitive health information.
- Operational disruptions: Interruptions to healthcare services and administrative functions caused by cyberattacks or compromised data security.