The data breach reported by Anthem earlier this year was breathtaking due to its size—as many as 80 million Americans had their information compromised.
But here’s a statistic that has not received the same notoriety as the Anthem hack—a full 81 percent of healthcare executives say their organizations have been compromised in cyber attacks during the past two years.
According to the 2015 KPMG Healthcare Cybersecurity Survey released earlier this week, only half of those polled feel adequately prepared to prevent future attacks.
Greg Bell, who leads KPMG’s Cyber Practice, reports that many organizations underestimate the threat. “Healthcare organizations that can effectively track the number of attempts have less cause for worry than those who may not detect all of the threats against their systems,” said Bell. “The experienced hackers that penetrate a vulnerable health care organization like to remain undetected as long as they can before extracting a great deal of content, similar to a blood-sucking insect.”
A majority of organizations report that they’re able to see external hack attempts in real time, and they’re reporting a startling number of attempts to infiltrate their systems. Daily assaults are reported by 13 percent of companies, while another 12 percent report being targeted multiple times a week.
Malware is the most frequently reported method of attack, with 65 percent of companies dealing with the issue.
A third of respondents say their own employees were responsible for hacks.
“The vulnerability of patient data at the nation’s health plans and approximately 5,000 hospitals is on the rise and health care executives are struggling to safeguard patient records,” said Michael Ebert, leader in KPMG’s healthcare & life sciences cyber practice. “Patient records are far more valuable than credit card information for people who plan to commit fraud, since the personal information cannot be easily changed. A key goal for execs is to advance their institutions’ protection to create hurdles for hackers.”
According to the survey, the areas with the greatest vulnerabilities within an organization are:
- external attackers, 65 percent
- sharing data with third parties, 48 percent
- employee breaches, 35 percent
- wireless computing, 35 percent
- inadequate firewalls, 27 percent
In an attempt to combat cyber attacks, most institutions have increased spending on cyber security.