These Top Healthcare Security Issues Keep IT Pros up at Night
Healthcare IT practitioners face some of the most-demanding challenges across all industries. A security incident may devastate any type of organization—but for a hospital or healthcare provider, the stakes are even higher.
To make things worse, IT staff often fight sophisticated threats without the resources and skills required for a complete view of today’s complex security environment. It’s a little bit like performing surgery in the dark.
Why Healthcare IT Staff Are Under Pressure
The increasing number and sophistication of attacks have IT pros across all sectors on their toes. But several factors are compounding the worries for healthcare IT staff:
The allure of ePHI: For malicious actors, it’s all about the return on investment, and healthcare records remain one of the hottest commodities on the dark web. With a much longer shelf life and more easily monetized than even financial data, ePHI records can fetch as much as $1,000.
Easy targets: The high return on investment is just part of the appeal. Weak security practices simply make healthcare organizations easy targets. It’s not surprising that Cybersecurity Ventures predicts the healthcare industry will suffer two or three times more attacks than other industries this year.
The high cost of failure: The costs of data breaches are escalating. In 2018, the cost per compromised record for healthcare rose to $408 (from $380 in ’17, and $355 in ’16), according to the annual Ponemon/IBM Cost of Data Breach studies. Consistently, the per capita cost for healthcare records is more than double the average of other industries.
Patient risk: A ransomware attack on a hospital can put patient outcomes at risk; we’ve seen this in action many times. A Missouri hospital diverting trauma and stroke patients and an Indiana hospital resorting to using pen and paper are just two of last year’s examples.
The Escalating Toll
Grappling with these issues is frustrating by itself—but doing so with limited skills and resources is untenable.
Stretched too thin to provide 24/7 threat monitoring and response while facing an increasingly complicated environment, overworked and underpaid healthcare IT pros often experience burnout. Replacing those who quit in frustration is not easy, considering the huge talent shortage in the industry.
To take the mounting pressures off their IT staff, healthcare organizations need to find new cybersecurity solutions. Learn about the advantages of SOC-as-as-service by reading Tech Target’s report, SOC-as-a-Service Advantages for Healthcare Cybersecurity and Compliance.