Attacks on Healthcare Data Continue to Rise
Attacks on Healthcare Data Continue to Rise

The healthcare industry sees 340% more security incidents and attacks than the average industry, according to new research from Raytheon|Websense Security Labs. The 2015 Industry Drill-Down Report – Healthcare reveals that the healthcare industry continues to be highly-targeted, due to the high value of healthcare data as well as the new wave of connected devices adding additional attack vectors to this highly complicated industry.

According to our own analysis of 2015 data breaches, the average size of a healthcare data breach is larger than ever before, despite no longer leading the number of data breaches for the year. The new research reveals some of the most effective cyber-attack tools and techniques that have affected the healthcare industry, as well as some of the challenges faced in protecting healthcare data. Highlights include:

  • Healthcare networks can comprise thousands of providers, each with a complexity of data storage centres and devices, leading to an enormous attack surface
  • One in every 600 attacks in healthcare involves advanced malware, with healthcare four times more likely to be impacted by advanced malware than other industries
  • Most healthcare organizations lack resources (budget, administrative support, technical skills) to detect, mitigate or prevent cyber-attacks or advanced malware
  • Healthcare is 74% more likely to be impacted by phishing schemes
  • Up to 75% of hospital network traffic goes unmonitored by security solutions for fear improperly configured security measures could cause problems

Addressing the challenges in healthcare requires a top-down prioritization of data security, with risk assessments followed by education (key to addressing the many ways employees continue to put healthcare data at risk), policy and technology solutions to reduce the available attack surface.

“There is a realization now that it is indeed necessary to put security into the workflow, and build systems securely by design rather than as an afterthought,” Raytheon|Websense Principal Security Analyst Carl Leonard explained to HealthITSecurity. “This is really what’s going to give healthcare professionals the ability to deliver great patient care, by maintaining the trust of their clients.”

In our whitepaper, Best Practices for Healthcare Data Breach Prevention, we discuss many specific ways you can achieve data protection and compliance, including policy, process and layered-technology defences. As part of your preparedness, we recently launched Absolute DDS for Healthcare, a comprehensive onboarding program  which pairs the highest level of endpoint security with expert forensic support to respond to and contain security incidents. Learn more at


Arieanna Schweber

Arieanna Schweber has been a part of the Absolute writing team since 2007. Arieanna was Canada’s first female professional blogger and has been professionally blogging since 2006 and has spoken at leading blogging conferences including BlogHer and Northern Voice. Arieanna has a joint degree in Business and Communications from Simon Fraser University and continues to build communities for Vancouver-based clients.