Financial services may have replaced healthcare as the most breached industry in 2016, but that doesn’t mean healthcare is in the all-clear.
According to a report by IBM Security, the healthcare industry suffered fewer medical record breaches in 2016 compared to the previous year. In 2015 cyberattackers leaked 100 million records. That number dropped to 12 million last year.
However, that doesn’t mean that the healthcare industry is becoming immune to medical record breaches or cyberattacks. Ransomware will continue to be a concern for the healthcare industry in 2017, and experts predict the number of attacks will double by 2018. Ransomware accounted for 85% of malicious attachments to spam email, according to the IBM Security report.
Healthcare organizations will also need to be on the lookout for insider threats. Last year, internal threats comprised 71% of attack sources, and inadvertent actors– users who were unaware that they were causing a security event– caused nearly half of those attacks. The amount of insider attacks may be due to the healthcare industry’s susceptibility to phishing attacks, the report said.
Internal threats are a common theme for many organizations. After a record-breaking month of breaches in November 2016, Protenus, which publishes a monthly data breach barometer, said “hacking pales in comparison to insider breaches.” One way to prevent medical record breaches by internal and external attackers is to implement a security awareness campaign and conduct regular employee training.