The 2015 KMPG Healthcare Cybersecurity Survey has shown that as many as eight out of ten executives from these organisations have admitted that their systems have been compromised from attacks via botnet, malware or other cyberattacks in the last two years. 13% of those surveyed indicate that they are getting attacks from external sources at least once per day and 12% more than twice per week. 16% of healthcare organizations have indicated that they do not have the ability to detect real-time system breaches.
The KMPG survey also revealed those areas within healthcare organizations that had the highest vulnerability rates:
- 65% external attackers,
- 48% sharing data with third parties,
- 35% breaches via employees,
- 35% wireless computing and
- 27% through inadequate firewalls.
KMPG’s Healthcare & Life Science Cyber Practice leader, Michael Ebert stated, “The vulnerability of patient data at the nation’s health plans and approximately 5,000 hospitals is on the rise and health care executives are struggling to safeguard patient records. Patient records are far more valuable than credit card information for people who plan to commit fraud, since the personal information cannot be easily changed. A key goal for execs is to advance their institutions’ protection to create hurdles for hackers.”
KMPG’s Cyber Practice leader, Greg Bell also indicated that he felt many organizations many be underestimating the attack threats because they are not seeing the frequency. He continued to say, “Healthcare organizations that can effectively track the number of attempts have less cause for worry than those who may not detect all of the threats against their systems. The experienced hackers that penetrate a vulnerable health care organisation like to remain undetected as long as they can before extracting a great deal of content, similar to a blood-sucking insect.”
The survey results also revealed additional information, specifically on the topic of cyberattack readiness. Of the executives surveyed, 66% of the health plan execs indicated that they were prepared for cyberattacks, 53% of the healthcare providers stated that they were prepared.
In the frequency, type and number of cyberattacks, the survey results showed that in the past twelve to twenty four months, 65% of the survey respondents indicated malware was the most frequent form of attack and botnet and employee related security compromises were at 26%.
Sharon Knowles, CEO of Da Vinci Forensics says:
“Da Vinci Forensics continues to work with companies and organisations within the healthcare field to advise and ensure that their data systems managers can prepare for all forms of cybercrime and detect any breaches as quickly as possible. Security for confidential patient information as well as company data is critical in the fight against cyberattacks.”