The healthcare industry has always been a target for data breaches, second only behind retail. However, research suggests that healthcare organizations are eclipsing retailers when it comes to cybercriminals’ focus. In research published by IBM, the healthcare industry represents a growing percentage of all data breaches – up from 5 percent in 2013 to 15 percent in the first half of 2016.
The opportunity for cybercriminals to breach data stores within the healthcare organization is shockingly large. First, there’s the personnel problem. A large number of people (including temp employees) need access to patient records to do their jobs across the healthcare ecosystem. Then, there is the issue of mobility. Since 2010, over 65 percent of all healthcare data breaches have come from mobile device theft or loss, according to the Healthcare Breach Report from Bitglass. Last is the fact that many medical devices and equipment cannot be easily scanned for malware or security threats.
For these reasons (and numerous others) healthcare organizations are spending more than ever on information security – which means many are overspending. Here are some of the factors contributing to overspending in the area: