|Some aspects of company response and employee awareness on cyber attacks are seem to be improved in the healthcare industry according to reports / Photo by: S_L via Shutterstock|
Some aspects of organizational response and employee awareness on cyber attacks seem to be improving in the healthcare industry, according to this year's Data Security Incident Response Report from Baker Hostetler.
The report is based on insights gathered from working on over 750 occurrences or possible incidents in 2018. About a quarter of the incidents analyzed comprised of healthcare industry entities, HIMSS Media publication HealthCare IT News reported.
It said that 37 percent of all incidents were traced back to phishing schemes and 55 percent of these incidents had employees being involved as accountable parties. They were held responsible due to a mix of simple errors, falling victims of phishing, or due to them being socially engineered.
While there is a decline in the number of incidents because of lost devices and inadvertent disclosures, HealthCare IT News stated that there is still work to be done since these avoidable mistakes have resulted in one-fourth of the recorded incidents.
Meanwhile, in-house capabilities seem to be on the path to further improvement. The past year saw a jump in the percentage of incidents detected internally with almost 75 percent—more than a 20 percent increase from 2015's 52 percent.
The healthcare industry has also discovered breach incidents in just 36 days compared to the 66 days that it takes for other industries to detect these attacks. But despite these improvements, healthcare is still slightly behind other segments in terms of containment and forensic analysis, the HIMMS Media publication said.
It added that for many organizations, the time from discovery to notification continues to increase as the duration bounces up from an average of 40 days in recent years to 56 days in 2018. The period is only 49 days in healthcare entities.
Baker Hostetler also saw rising scrutiny from regulators and offers "basic steps that can be taken to drive incremental improvement in an entity's compliance and risk posture." These offerings range from enabling multi-factor authentication (MFA) to executing tabletop activities among key staff to prepare for possible occurrences.