
Organizations in the healthcare industry are responsible for the lives of millions—in more ways than one. Over 39 million individuals have been impacted by healthcare data breaches reported in the first half of 2023 alone.
You know the importance of protecting your healthcare organization against malicious actors who would do anything to get their hands on patient data. But do you know where those attacks are coming from?
In this article, we’ll discuss why healthcare organizations are a primary target for sophisticated hacking groups, where they’re focusing their attacks, and what you can do to strengthen your defenses.
What Makes Cybersecurity for Healthcare So Crucial?
Just as legitimate companies look to maximize their investments, so do malicious hacking organizations. Ransomware-as-a-service (RaaS) groups like LockBit have enabled a series of attacks on the healthcare industry by leasing out their ransomware to cybercriminal affiliates.
The average cost of a healthcare data breach has reached $10M. Hackers recognize the unique value sensitive patient data represents. Its comprehensive nature—from personal identification to detailed medical histories—sets it apart from the data accessible in other industries. Access to patient records is almost all hackers need to commit various acts of fraud, all from one source. With access to this data, they can hold it for ransom, use it to steal people’s identities, commit insurance fraud, sell it on the dark web, or find other routes to illicit financial gain on a massive scale.
One of the most catastrophic examples of this occurred in February and March of this year, when a ransomware group gained unauthorized access to a dental benefits administrator’s database. The breach affected over 8 million people and gave hackers access to all of the following information:
- Names
- Addresses
- Phone numbers
- Email addresses
- Birth dates
- Social Security numbers
- Driver’s license numbers
- Medical ID numbers
This information is now accessible by other threat actors who could use it to launch further social engineering attacks against those impacted by the breach. The healthcare organization is also facing a class action lawsuit.
The Unique Challenge of Cybersecurity for Healthcare: Unintentional Insider Threats
No matter how much healthcare organizations spend on security tooling, none of it matters if someone with access to patient records makes just one costly mistake. And it almost always is just that: a mistake.
A warning concerning insider threats issued by the Department of Health and Human Services (HHS) indicates that companies have invested more in stopping insider threats with malicious intent, even though negligent insider threats are more common.
A study using data from the United States Department of Health and Human Services supports this. It found that, on average, twice as many patient records were affected by breaches involving unintentional insider threats as by breaches involving external cyberattacks. Phishing scams were the leading cause of these breaches.
The HHS warning outlines some potential reasons why unintentional insider threats are so prevalent in the industry:
- There’s a lack of awareness about security policies and a failure to provide security awareness training.
- 27% of employees saw security policies less than once a year; 39% received security awareness training less than once a year.
- An example of an unintentional insider threat might be an employee leaving an unencrypted mobile device or laptop containing sensitive data unattended. The device could be stolen, or data could be copied while the device is unattended.
- Having an Amazon Alexa device on while sensitive meetings are going on (e.g., when working remotely) could cause sensitive data to be leaked.
There is certainly a correlation between the rise in healthcare workers accessing patient records remotely and the 44% increase in insider threat incidents over the past two years. But the fact that phishing remains the most common exploit for hackers indicates a deeper problem: employees are susceptible to phishing in the office and at home alike. Healthcare organizations should be investing in proactive solutions that address their employees’ behavior and go beyond a few training sessions per year.
Elevate Security: A Human Approach to Cybersecurity for Healthcare
We’ve built our security platform on an insight that acknowledges the reality of cybersecurity in the modern age:
Just 8% of users cause 80% of security incidents.
A one-size-fits-all approach to cybersecurity for healthcare is never going to get your most at-risk employees where they need to be to effectively protect themselves and your business. That’s where Elevate comes in, with solutions designed to continuously monitor the behavior of your employees and give you the controls to mitigate unique insider threats in real time:
Elevate Engage: Identify Human Risk & Drive Measurable Behavior Change
Elevate Engage ingests and analyzes information collected across your enterprise to provide you with visibility into the security habits of each of your employees. When you actually know which of your employees are falling for things like phishing scams, you can provide them with feedback and advanced protection.
Elevate Identity: Strengthen Access to Critical Resources
Using individual risk profiles of each of your employees, Elevate Identity allows you to approve, deny or set conditional access to sensitive information based on actual behavioral data. This includes setting risk thresholds based on activities like phishing clicks or malware downloads.
Elevate Control: Triage, Prioritize, and Respond Faster to Risky Users
Elevate Control augments this heightened visibility and individualized access control with the ability to automatically apply stricter email, web and endpoint controls, allowing you to respond to active threats in near real time.
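To make the model behind these three capabilities concrete (per-user behavioral scoring, conditional access by risk threshold, and stricter email, web and endpoint controls for the riskiest users), here is an added, hypothetical Python sketch. It is not Elevate Security’s code, data or scoring model: the event types, their weights, the 30-day half-life, the access and control thresholds, the control names and the sample events are all constructed assumptions. It also computes, for the constructed sample, what share of risky events the top 8% of users generate, the kind of concentration the “8% of users cause 80% of incidents” figure above describes.

```python
"""Behaviour-based user risk scoring with risk-tiered access and controls.

Hypothetical example written for this article; it is not Elevate Security's
code, data or scoring model. Event types, weights, thresholds, control names
and the sample events are all constructed for illustration.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed weights: positive = risky behaviour, negative = protective.
EVENT_WEIGHTS = {
    "phishing_click": 40,
    "malware_download": 60,
    "training_overdue": 15,
    "phishing_reported": -20,
}
HALF_LIFE_DAYS = 30  # an event's weight halves every 30 days (assumption)

# Constructed thresholds per resource sensitivity, checked from highest down.
ACCESS_TIERS = {
    "high": [(100, "deny"), (40, "mfa_and_manager_review"), (0, "allow")],
    "normal": [(120, "deny"), (60, "mfa"), (0, "allow")],
}
# Constructed controls layered on as the score rises.
CONTROL_TIERS = [
    (40, "email:sandbox_all_attachments"),
    (60, "web:block_uncategorized_sites"),
    (100, "endpoint:allowlisted_apps_only"),
]


def decay_factor(event_time, now, half_life_days=HALF_LIFE_DAYS):
    """Exponential decay so that stale behaviour fades from the score."""
    age_days = (now - event_time).total_seconds() / 86400.0
    return 0.5 ** (age_days / half_life_days)


def risk_scores(events, now):
    """events: iterable of (user, event_type, timestamp) -> {user: score}.

    Clamped at zero: protective behaviour (reporting phish) can offset
    risky behaviour but never drives the score negative.
    """
    totals = defaultdict(float)
    for user, event_type, ts in events:
        totals[user] += EVENT_WEIGHTS.get(event_type, 0) * decay_factor(ts, now)
    return {user: max(0.0, round(score, 1)) for user, score in totals.items()}


def access_decision(score, sensitivity):
    """Conditional access: the first tier whose threshold the score meets."""
    for threshold, decision in ACCESS_TIERS[sensitivity]:
        if score >= threshold:
            return decision


def controls_for(score):
    """Stricter controls applied automatically to higher-risk users."""
    return [control for threshold, control in CONTROL_TIERS if score >= threshold]


def incident_concentration(events, all_users, top_fraction=0.08):
    """Share of risky events produced by the riskiest `top_fraction` of users."""
    counts = defaultdict(int)
    for user, event_type, _ in events:
        if EVENT_WEIGHTS.get(event_type, 0) > 0:
            counts[user] += 1
    total = sum(counts.values())
    if total == 0:
        return 0.0
    n_top = max(1, round(len(all_users) * top_fraction))
    return sum(sorted(counts.values(), reverse=True)[:n_top]) / total


# Constructed sample data: three active users plus 22 quiet users.
NOW = datetime(2023, 6, 30, 12, 0)
SAMPLE_EVENTS = [
    ("nurse_a", "phishing_click", NOW - timedelta(days=1)),
    ("nurse_a", "malware_download", NOW - timedelta(days=2)),
    ("nurse_a", "phishing_click", NOW - timedelta(days=60)),  # mostly decayed
    ("billing_b", "phishing_click", NOW - timedelta(days=10)),
    ("billing_b", "training_overdue", NOW),
    ("admin_c", "phishing_reported", NOW),  # protective, offsets the next line
    ("admin_c", "training_overdue", NOW),
]
ALL_USERS = ["nurse_a", "billing_b", "admin_c"] + [f"staff_{i:02d}" for i in range(22)]


def evaluate(events=SAMPLE_EVENTS, now=NOW):
    """Per-user score, decision for a high-sensitivity resource, and controls."""
    return {
        user: {
            "score": score,
            "patient_records": access_decision(score, "high"),
            "controls": controls_for(score),
        }
        for user, score in risk_scores(events, now).items()
    }


if __name__ == "__main__":
    for user, result in evaluate().items():
        print(f"{user:10} score={result['score']:6.1f} "
              f"access={result['patient_records']:24} controls={result['controls']}")
    share = incident_concentration(SAMPLE_EVENTS, ALL_USERS)
    print(f"top 8% of users account for {share:.0%} of risky events")
```

With the constructed sample, `nurse_a` (recent click plus malware download) is denied patient-record access and receives all three controls, `billing_b` (one click ten days ago plus overdue training) lands in the conditional tier for patient records while remaining fully allowed on normal resources, and `admin_c` scores zero because reporting a phish outweighs the overdue training. The decay and the clamp matter in practice: without decay, every employee’s score only ever rises, and without the clamp, one protective action could mask a later risky one.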
The Benefits of a Personalized Approach to Cybersecurity for Healthcare
Our approach to mitigating insider threats doesn’t just work in theory—real healthcare organizations have benefited from it. A global healthcare firm we worked with experienced the following results:
- 24x increase in phishing email identification
- 2x increase in phishing reporting
- 30% decrease in malware events
Final Thoughts
The patient data you protect is too valuable to let slip into the wrong hands. When your employees are the primary attack vector for relentless hacking groups, individualized attention is necessary.
With the help of Elevate Security, you can gain deeper visibility into the habits of each of your employees and deploy right-touch responses in real time and at scale. Stick it to the hackers with a healthier security culture. Get in touch today.