Negosentro.com | The Value of Cyber Security in the HealthCare Industry | Cybercrime seems inevitable force in cyber world which needs proper strategy, awareness rather than prevention tools. You can take any sector for instance oil & gas, power sector or healthcare sector, cybercrime has spread havoc among such industries. To overcome this drastic situation, Symantec has come up with analysis and prevention steps in a single info-graphic that also highlights on the impact of cybercrime on Healthcare industry.
Healthcare industry is far behind in coping with the rising cybercrime. Every year the budget spent behind cyber security is increasing and seems no value as the breaches are going on this sector. Medical records acquired from healthcare are too important for users and attackers. Thus, the privacy and security of medical data is significant for healthcare organizations. Symantec has come up with few findings that are based on HIMSS Analytics study that are as under.
What HIMSS Analytics Says?
HIMSS has conducted a survey on 115 security personnel in hospitals. The findings are as under which Symantec has covered in its study.
- Around 35% increase in spending on IT security in Healthcare since 2015 year.
- The average 6 percentage allocated for IT budget out of total cyber security budget, which is very low compare to other sectors.
- The price of a single electronic health record is $50 that shows the importance of medical records.
- In last 5 years, there is 125% growth in criminal attacks happened on healthcare industry.
- Around half of organizations take care of medical device security while 50% organizations are still vulnerable.
- There are 23% healthcare organizations have risk management program.
- Around 7.8% organizations never discuss about cyber security in their board meetings.
- According to HIMSS Analytics Healthcare IT Security study, only 20% healthcare organizations follow HIPAA, and HITECH regulations.
- Many organizations carry risk assessment once in a year.
- There is a communication gap between security leaders and top-level management.
- Around 52% respondents said that they have <3% budget for cyber security.
- Due to staffing problem, 72% respondents have less than five IT employees.
- Respondents ranked cyber security at 4.23 out of 5 point scale.
Steps for Security Driven approach:
Symantec has also suggested few steps to overcome this severe situation that are as under.
- Healthcare organizations should follow security regulation and implement basic security controls like HIPAA and HITECH.
- Risk assessment strategy should be there in organizations. Healthcare organizations should monitor and check external and internal IT environment often at quarter base and every six months. User ID, firewall, software patches, logs should be monitored.
- Healthcare industry should mull over Risk management program. CISO and COI should shift their mindset from tactical to robust security planning. This is why CISO training is an absolute necessity.
- Stay ahead of threats by making a proper cyber security plan to fight against emerging threats. The security plan should align with the business goals.
Healthcare industry is indeed proper cyber security strategy that could plan with the help of top-level leaders and security employees. A robust security can put healthcare industry ahead of threats and makes its infrastructure impenetrable. However, awareness also plays a part in every sector when it is a question of cyber security and therefore, proper security training is an unavoidable part. The above steps can help to mitigate cybercrime at huge span.
via Gunjan Tripathi
With proven & extensive experience in DIGITAL MARKETING, Gunjan Tripathi has been responsible for the online presence of CheapSSLShop. Due to involvement in Security Company, Gunjan has vast knowledge of Cyber Security, threats, malware, etc. along with Digital Marketing, Social Media Optimization, and ORM (Online Reputation Management). He is able to optimize business by applying digital marketing techniques and thereby helps organization to improve its online presence.