Risk Based Security released their 2020 year-end data breach report, which provides deeper visibility into the data breach landscape, giving key insights for specific industries. This year, despite an overall decline in breach events (security incidents), the number of breached records grew dramatically. Other trends included a doubling of ransomware attacks from 2019 to 2020, and data breach severity rising. Here are some of the highlights from the report:
- Despite 1,923 breaches (49%) without a confirmed number of records exposed, the total number of records compromised in 2020 exceeded 37 billion, a 141% increase compared to 2019 and by far the most records exposed in a single year since we have been reporting on data breach activity.
- There were 676 breaches that included ransomware as an element of the attack, a 100% increase compared to 2019.
- Breach severity, as measured by severity score, steadily increased throughout the year, reaching an average of 5.71 in Q4 compared to 4.75 in Q1. Severity score is a base 10 logarithmic scale, meaning that the severity of breach events increased by a factor of 10 over the course of the year.
- Five breaches each exposed one billion or more records and another 18 breaches exposed between 100 million and 1 billion records.
- Healthcare was the most victimized sector this year, accounting for 12.3% of reported breaches.
Healthcare Takes a Hit
In the midst of responding to COVID-19, the healthcare sector faced a significant number of ransomware attacks in 2020 with 560 healthcare provider facilities falling victim to the malware variant, according to the latest Emsisoft State of Ransomware Report.
The department of Health and Human Services (HHS) and CISA provided two infographics based on key cybersecurity insights: (1) COVID-19 Cyber Security Impacts and (2) Cybersecurity Challenges to Healthcare Sector- Independent Of and Due To COVID-19. Both infographics provide a summary of how cybercriminals are exploiting vulnerabilities in the health care sector, particularly during the COVID-19 pandemic. In sum, the healthcare industry is a target-rich environment for hackers.
The findings of the 2020 HIMSS Cybersecurity Survey suggest the rate at which healthcare organizations are improving their cybersecurity posture is not enough to keep pace with new threats. Failure to ensure the safety of Protected Health Information (PHI) is going to keep paving the way for volatile data breaches, year on year.
As you can imagine, while fighting the pandemic, budgets are tight in the healthcare sector. However, given the growing impact of cybersecurity threats we’ve got to do more and we have data security, identity access management, application security, and security operations solutions that can enhance the security posture of healthcare providers.
Build your Security Arsenal, Case by Case
AppSec: Change Healthcare, over the years, has acquired several businesses to grow its range of solutions and diversify its developer expertise. The strategy has opened the door to many new customers, including hospitals, pharmacies and other healthcare providers which use software applications to process prescriptions, create reports and perform other critical tasks.
However, it has also complicated the development process of these applications, multiplying the number of coding languages, environments and standards. Over time, testing the growing number of applications became a recurring issue for the company's developers. They not only lacked security expertise and application testing processes, but they also used tools that were not always accurate, making it hard to find issues or fix potential vulnerabilities. Add to the challenge the amount of time it took to test code for vulnerabilities.
Enter Fortify on Demand (FoD). FoD is an application security testing and risk management platform delivered as a service. The developers for Change Healthcare are now able to submit an application for testing and receive a report listing potential security issues by criticality, where they appear in the code, and specific remediation recommendations. The speed of the solution has allowed Change Healthcare's developers to test and remediate quickly, improving their productivity and reducing the chance of cyber breaches.
Data Security: Internet-connected devices, sometimes referred to as Internet of Things (IoT) devices, are invaluable to the healthcare industry. Increased efficiency and accuracy can be delivered through technology like real-time monitoring, smart pills, smart home care, or robotics additional uses. Unfortunately, such an expansive landscape of insecure internet-connected systems collecting copious amounts of sensitive Personally identifiable information (PII) and PHI along with access to internal networks is a target for hackers. Our existing suite of advanced security solutions provided through Voltage SecureData for IoT easily secures sensitive information generated and transmitted across large-scale IoT deployments.
Identity and Access Management: The healthcare sector knows it needs to protect sensitive patient data. Things got even trickier during the COVID Pandemic with the sudden boom of remote workers. IT departments were now supporting huge amounts of people and devices outside their network. Carante Group, a collaboration of twelve independent care organizations, runs a secure IT environment for 25,000 users in a highly regulated healthcare environment. It needed to find a cost-effective and user-friendly alternative to hardware token multi-factor authentication (MFA). They quickly found that Micro Focus NetIQ Advanced Authentication offered a single framework for all their authentication needs, providing consistent security, simplified administration, and reliable policy enforcement. The Carante Group was able to extend their homeworking capability immediately to thousands of extra employees.
The IT Manager for Carante Group noted NetIQ was easy to implement and “saved us a considerable amount given the growing popularity of remote working.”
SecOps: Healthcare orgs have a lot of infrastructure to protect and keep secure. A Security Information and Event Management (SIEM) solution could be vital to securing healthcare networks. When one large Healthcare Organization needed to combat cyber security threats, provide comprehensive audit feedback, and run a secure IT environment for 25,000 users in a highly regulated healthcare environment, they heard about ArcSight’s reputation. They deployed ArcSight Enterprise Security Manager (ESM) to collect data and correlate events in realtime to escalate threats that violate the internal rules within the platform. ArcSight delivered a cost effective universal log management solution to the Healthcare Organization that unifies searching, reporting, alerting, and analysis across any type of enterprise machine data.
Be Better Equipped for 2021
Cybersecurity proved to be a massive challenge for the healthcare sector in 2020. Workers had to combat the COVID-19 crisis while simultaneously fending off (or suffering successful) cyberattacks.
Healthcare orgs need to continue to protect their identities, apps and data, even as the pandemic stretches on into the New Year. With healthcare data even more valuable to hackers than credit card data, being proactive in cybersecurity is a must.
Strengthen your cyber resilience. Protect across your identities, applications and data. Learn more about cyber resilience. Join our Security Community to stay up to date on our security portfolio. We’d love to hear your thoughts on this blog. Log in or sign up to comment below.