More on Risk Management

Healthcare is now top industry for cyberattacks, new research shows

More than 100 million records reportedly were compromised in 2015 in healthcare, research shows.

Bill Siwicki, Managing Editor, Healthcare IT News

Five of the eight largest healthcare security breaches that occurred since the beginning of 2010 – those with more than 1 million records reportedly compromised – took place during the first six months of 2015, according to IBM X-Force's "2016 Cyber Security Intelligence Index." And in 2015 overall, more than 100 million healthcare records reportedly were compromised, the report said.

The report suggested four key steps to help develop a strategic cybersecurity program, which include: prioritize business objectives and set risk tolerance, institute a proactive security plan, craft a response to the inevitable sophisticated attack, and then promote and support a culture of security awareness.

The recommendations are particularly important to healthcare organizations, which are now the top industry targeted by cybercriminals, according to the annual IBM X-Force report, and several other recent reports.

[Also: Healthcare execs pour money into cybersecurity after rampant breaches]

The top five industries in 2015 for cyberattacks: healthcare, manufacturing, financial services, government and transportation, the IBM X-Force report found. The top five in 2014: financial services, information/communication, manufacturing, retail and energy/utilities, the report said.

Sixty percent of cyberattacks in 2015 were the result of an insider – a person who has physical or remote access to an organization's assets, the report found.

"Although the insider is often an employee of the company, he or she could also be a third party," according to the report. "That includes business partners, clients or maintenance contractors, for example. They're individuals you trust enough to allow them access to your systems."

[Also: Experts: Data, devices, employees pose biggest challenges to hospital cybersecurity]

Attacks that resulted from an insider, however, could be malicious or accidental, one in which an insider served as an inadvertent actor. An example of such an inadvertent incident would be an employee who clicks on a malicious link in a phishing e-mail.

"Today's CISOs and security leaders are now looking for fundamental ways to influence and improve both their own programs and established best practices – because they know that simply being compliant isn't acceptable for a well-governed organization," the report said.

The report is based on IBM Security Services' operational and investigative data of billions of security events across more than 1,000 client organizations in 100 countries.

Twitter: @SiwickiHealthIT