According to IBM’s Cost of a Data Breach Report released today, the average healthcare data breach has reached $10.93 million which is an 8% jump from a year ago, when the average cost topped $10 million for the first time.
For the 13th year in a row, the healthcare industry has suffered more expensive data breaches than any other sector. By comparison, the average cost of a data breach across all industries is less than half at $4.45 million.
“We’re seeing a very big increase for healthcare organizations, probably because they’re really in the crosshairs of attackers. And there is no relenting so far,” said Limor Kessem, a senior cybersecurity consultant for IBM Security.
Meanwhile, healthcare organizations have trailed other industries in their cybersecurity defenses as health systems have had trouble attracting top cybersecurity talent, because other industries pay better.
“Security folks are going to work for places where they could get the bigger paycheck, and it’s not always going to be a healthcare organization,” Kessem says. “It’s a tough industry to get very skilled staff.”
I have three comments on this. The first is from Carol Volk, EVP, BullWall:
“Work smarter, not harder. There is good affordable automation available (and coming) in the cybersecurity field. Even the best cybersecurity teams get overwhelmed by too many alerts, so there is a serious effort to automate the filtering of those “alerts” to just those requiring immediate human interaction, effectively slowing down the alert pace to a manageable, human speed. This is why the automation of detection and containment of attacks is more and more the focus. The attack is slowed or stopped before data can be affected, allowing defenders time to respond. The application of AI is expected to greatly accelerate this effort of determining what must be reviewed by humans for response.”
The second is from Emily Phelps, Director, Cyware:
“Healthcare will always be an attractive target for threat actors because of the valuable data they collect and store. Adversaries don’t only outnumber available cybersecurity pros; they collaborate effectively too. To mitigate the risks, healthcare organizations should leverage automation tools that enable lean security teams to efficiently address threats; they should ensure they invest in regular security awareness training so employees are armed to recognize and avoid common threat tactics such as phishing attacks; and they should consider partner with security providers that can act as an extension of their teams, gaining expertise that is more difficult to resource and retain internally.”
And the last is from Stephen Gates, Principal Security SME, Horizon3.ai:
“The healthcare industry is being impacted by an enormous threat landscape with vast numbers of threat actors who are looking to breach organizations’ networks, steal their data, hold them for ransom, and potentially destroy their businesses. The defensive technologies they have in place are proving to be insufficient in blocking today’s attacks. Continuously assessing your network attack surface, finding your weaknesses, remediating them immediately, and verifying that your remediations worked is the best way organizations can stay ahead of attackers. Consider attacking yourself daily, then fixing what matters most.”
The challenges with securing the healthcare space need to be fixed, and that needs to happen now. Whether that’s through automation, people, or both, the status quo cannot be allowed to continue.
Cloud Vulnerabilities Surge 200% Due To Poor Security: IBM
Posted in Commentary with tags IBM on September 14, 2023 by itnerdThe IBM X-Force Cloud Threat Landscape Report 2023 tracked 632 new cloud-related vulnerabilities between June 2022 and June 2023 and saw a 194% increase over the previous year bringing the total number tracked by the vendor to 3900, a number that has doubled since 2019.
In 36% of the real-world cloud incidents, the top initial access point for cloud compromises was the use of valid credentials either attained during an attack or stolen prior to targeting a specific victim. That is a significant jump from the 9% observed the previous year.
“[It] highlights the need for organizations to move beyond human-reliant authentications and prioritize technological guardrails capable of securing user identity and access management,” IBM analyst Chris Caridi said.
The X-Force team found examples of poor security practices such as plaintext credentials located on user endpoints in 33% of incidents involving cloud environments.
The next two most common access strategies, each 14% of engagements, were exploitation of public-facing applications and phishing and spear phishing.
Dave Ratner, CEO, HYAS had this to say:
“Chris Caridi is correct that organizations need to do a better job of securing and authenticating user identity. At the same time, bad actors will always break in, so the report also highlights the need for improved visibility and observability of anomalous communication patterns via Protective DNS — the telltale sign of an initial breach beaconing out to its command-and-control for instructions. Only through a defense-in-depth strategy will organizations truly be able to implement business and operational resiliency.”
With the cloud being as pervasive as it is within most organizations, there really needs to be a focus on clouds security to ensure that this isn’t a threat to an organization’s security.
Leave a comment »