According to a new survey report from Kaspersky Lab, employees of healthcare organizations in the U.S. and Canada, who admit their awareness of a ransomware cybersecurity attack, also claim that it wasn’t a one-time occurrence – with a third (33%) claiming it happened more than once.
The findings from Kaspersky Lab’s latest report, “Cyber Pulse: The State of Cybersecurity in Healthcare,” uncover a continuous pattern of ransomware cybersecurity attacks plaguing organizations in the healthcare industry, while also providing insight on employee perceptions and behaviors related to cybersecurity in the workplace.
Data breaches heavily targeting healthcare organizations, such as WannaCry, have brought attention to the vulnerabilities that exist in the industry, making healthcare organizations an even bigger target for cybercriminals. In fact, there have been over 100 hacking/IT-related healthcare organization incidents affecting 500 or more individuals in the U.S. alone this year, according to the U.S. Department of Health and Human Services. In turn, this creates an ongoing risk for healthcare IT staff to prevent and protect against.
Managing this risk has proven to be a challenge for healthcare organizations. In fact, more than one-in-four (27%) healthcare IT employees in North America admit that their employer has experienced a ransomware cybersecurity attack within the past year.
In addition, of those healthcare employees aware of a cyberattack occurring, 85 percent of Canadians and 78 percent of Americans claim to have experienced up to five ransomware cybersecurity attacks in the past five years or more. The research shows that the industry is not learning from its mistakes, and continues to suffer. Even though the healthcare industry has its cybersecurity challenges and has lost many battles to cybercriminals, healthcare employees do care about the protection of the organization.
The top reason healthcare employees to care about having cybersecurity measures in place at their organization is to protect patients (71%). In addition, three out-of-five people (60%) claim they care because they want to protect people and organizations they work with, and nearly a third of respondents (31%) say they care because they do not want to lose their job as a result of not having appropriate cybersecurity measures.
Although there is room for improvement, healthcare employees seem to have confidence in their employer’s cybersecurity strategy. In fact, just over a fifth of respondents (21%) said that they don’t think their organization would suffer a data breach in the forthcoming year and 23 percent claim they are confident in the organization’s strategy.
Through the study, they found that healthcare employees in North America were confident that their organization would not suffer a data breach in the forthcoming year, but whether they realize it or not, their industry is suffering hundreds of breaches a year. Rob Cataldo said that Healthcare companies have become a major target for cybercriminals due to the successes they’ve had, and repeatedly have, in attacking these businesses. As organizations look to improve their cybersecurity strategies to justify employee confidence, they must examine their approach. Business leaders and IT personnel need to work together to create a balance of training, education, and security solutions strong enough to manage the risk.
To find out more information and read the full report, visit the website: https://go.kaspersky.com/CyberPulseReport.html
Cyber Pulse with Rob Cataldo, e.1 – The State of Cybersecurity in Healthcare: An Introduction