New innovations created more entry points for cybercriminals to access personal health information.
Healthcare organizations paid an average of $1,088 per cybersecurity vulnerability in quarter one of 2019, according to a new report from Bugcrowd, a cybersecurity vulnerability testing company.
The report, “State of Healthcare Cybersecurity,” noted that the quarterly payout is the highest it’s ever been with an 82.8% increase year over year.
The healthcare industry holds large amounts of confidential health and patient data. This makes the industry one of the most targeted for cyberattacks.
The digital transformation only makes the healthcare industry that much sweeter to attack. But more than half of healthcare organizations lack confidence in their medical device security, according to the report. And while mobile health apps give patients a more convenient way to schedule appointments, order prescriptions or have access to their personal health information, they also open up a new entry point for cybercriminals.
“By recognizing that hackers will find vulnerabilities and exploit them, healthcare leaders can improve the way they design and implement connected devices, manage risks and train their teams,” Bugcrowd wrote.
Bugcrowd saw a nearly 341% increase in cybersecurity vulnerability submissions from 2017 to 2018. The company reported that the industry is on track to see a steady increase in vulnerability again this year.
More than 12% of the submissions were classified as priority one, or the most critical. A majority of the submissions (42%) fell into the priority three category.
And 75% of submissions were related to healthcare organizations’ websites.
In quarter one of 2019, total vulnerability payouts increased by 31.1% from quarter one of 2018.
“Healthcare organizations running crowdsourced security programs are increasing in security maturity and criticality levels, therefore increasing the market rate for vulnerabilities,” the authors wrote.
First-priority vulnerabilities cost healthcare organizations an average payout of $3,425 in quarter one — higher than any other year combined. The average payout in quarter one of 2018 was $3,081.
“It’s important to consider a defense-in-depth approach to cybersecurity and engage crowdsourced security to level the playing field,” the report noted. “In the coming years, it will become standard operating practice for vulnerability assessment — the winners will be those who embrace this new standard today and reap the rewards before the rest of the market catches up.”
Through crowdsourcing, cybersecurity teams can gain resources to scale, secure and unlock the benefits that healthcare technology brings.
Get the best insights in digital health directly to your inbox.
Related
Third-Party Vendor Risks Cost Healthcare $23.7B a Year, Report Finds
Phishing Emails Play on Our Fear of Failure
3 Trends Plaguing Healthcare Cybersecurity & How to Fight Them
Cybersecurity panel: Hospitals threatened by attacks aimed at vendors
November 4th 2024Chief Healthcare Executive presents another installment from our conversation on cybersecurity, with experts from the American Hospital Association, HIMSS and Providence. They talk about breaches tied to business partners.
Cybersecurity panel: The scope of recent ransomware attacks in healthcare
October 28th 2024Chief Healthcare Executive hosted a discussion on cybersecurity with leading experts from the American Hospital Association, HIMSS and the Providence health system. They talked about the growing problem of cyberattacks.