- Solutions for:
- Home Users
- Products
- KasperskyTotal Security
- KasperskyInternet Security
- KasperskyAnti-Virus
- KasperskyInternet Security for Mac
- Kaspersky Internet Security for Android
- Kaspersky Secure Connection
Free Tools
- Kaspersky Safe Kids
- Password Manager
- QR Scanner
- View all
SERVICES
- Comprehensive /PC Network
- Premium Installation
- Advanced Virus Removal
- View all
- Renew
- Downloads
- Support
- Resource Centre
- Blog
- My Kaspersky
- Products
- Small Business(1-50 employees)
- Medium Business(51-999 employees)
- Products
- KasperskyEndpoint Security Cloud
- KasperskyEndpoint Security for Business Select
- KasperskyEndpoint Security for Business Advanced
- KasperskySecurity for Business Total
TARGETED SECURITY SOLUTIONS
- Mail Server
- File Server
- Mobile
- Internet Gateway
- Virtualization
- Collaboration
- Vulnerability and Patch Management
- Storage
- View More
- Services
- Downloads
- Support
- Resource Centre
- CompanyAccount
- Products
- Enterprise(1000+ employees)
- Partners
- About Us
- Support
- Contact Us
- Search
As healthcare providers make required moves toward electronic health record (EHR) keeping, the very private information they hold is more and more tempting as a target for cybercriminals. At the same time, cyberincidents such as ransomware attacks that cause system lockups in healthcare facilities and health equipment manufacturers can have dire consequences to the people who require their products and services to survive.
As of January 1, 2018, the United States alone has seen more than 110 hacking or IT-related healthcare organization incidents that affected 500 or more individuals.
To gain insight into the unique issues healthcare industries face in securing valuable and sensitive personal data, we commissioned a survey of 1,758 healthcare organization employees based in the United States and Canada. Our aim was and is to create a dialog among businesses and IT staff in healthcare about the current state of employee awareness of cybersecurity among their employees, with a goal of suggesting useful proactive steps.
Repeat ransomware
Our findings were disquieting, with more than three-quarters of the employees who were aware of a ransomware cybersecurity attack on their organization reporting that they’d experienced up to five attacks. Malware attacks such as ransomware attacks can cost enterprises an average of $1.24 million and SMBs $123K apiece — not to mention, devastate their reputations. It should go without saying that repeat incursions do not reflect well on the victim organizations.
Healthcare systems have extra regulatory wrinkles, as well. Whether their focus on regulations or some sense of false security has held them back, these organizations have some catching up to do in the area of cybersecurity. Some key points gleaned from our research:
- Responses varied wildly to a hypothetical scenario in which employees received an e-mail request for a patient’s protected personal health information. Nearly three-quarters (73%) said they would report such a request to their IT department, but that leaves a significant number unsure or cooperating with third-party requests.
- Nearly three-quarters of respondents (71%) said they do care about having cybersecurity measures in place at their organization to protect patients.
- However, only 14% of respondents thought their organization had enough cybersecurity protection for connected medical devices.
- One in ten respondents (11%) said they needed better protection for employees to safely work remotely.
Although mere awareness of a problem may seem trivial, in the case of medical data, which is both legally protected and valuable, outside requests for data take on great importance. Requests may be legitimate, or they could help cybercriminals gain entry to your system Think it couldn’t happen to you? Our survey data indicated that 20% of Canadian respondents had responded, or had a coworker who’d responded, to an external request for patient information.
Downtime
The healthcare issue is broadly twofold. Patient data is valuable — extremely important to protect. Then, there’s service. If a healthcare organization becomes unable to function, for example because of a ransomware attack, then it may become unable to provide vital services.
Such was the case with the WannaCry ransomware epidemic. Though more than a year old, WannaCry continues to cause trouble. It initially made headlines in 2017 for knocking out 200,000 computers, including in healthcare facilities and medical equipment manufacturers, in 150 countries.
Just recently, East Ohio Regional Hospital and Ohio Valley Medical Center both had to close part of their operations and turn to paper charts following a ransomware attack that took down their systems. Ransomware is a thorny problem: It exploits the human factor to gain a sophisticated foothold in computer systems. Some ransomware locking or encryption has been solved, but to date, the only reliable strategy overall is to avoid infection by using rigorous staff training and up-to-date cybersecurity protection.
Kaspersky Team
Share it using the social you like:
Products to Protect You
Our innovative products help to give you the Power to Protect what matters most to you. Discover more about our award-winning security.
FREE Tools
Our FREE security tools and more can help you check all is as it should be… on your PC, Mac or mobile device.
About Us
Discover more about who we are… how we work… and why we’re so committed to making the online & mobile world safer for everyone.
Get Your Free Trial
Try Before You Buy. In just a few clicks, you can get a FREE trial of one of our products – so you can put our technologies through their paces.
Contact Our Team
Helping you stay safe is what we’re about – if you need to contact us, get answers to some FAQs or access our technical support team.
Connect With Us
Blog List
- Eastern Europe
- Polska
- Türkiye
- Россия (Russia)
- Kazakhstan
- Asia & Pacific
- Australia
- India
- 中国 (China)
- 日本 (Japan)
- For all other countries
- Global