Kroll has released the State of Cyber Defence: Diagnosing Cyber Threats in Healthcare report, exposing the healthcare industry’s disillusionment in terms of its cyber maturity.
The research reveals that over a quarter (26%) of healthcare businesses have immature cybersecurity processes yet nearly 50% believe their processes are ‘very mature’. Despite this high sense of self-confidence, only 3% of healthcare organisations surveyed actually have mature cyber processes in place.
Twenty-eight percent of healthcare organisations surveyed only employ the most basic security capabilities, such as cybersecurity monitoring, and none of the healthcare respondents had all recommended threat and detection capabilities in place. It is therefore no surprise that Kroll’s threat intelligence consistently finds the industry to be one of the most targeted sectors by threat actors. The industry is also particularly susceptible to data breaches, with healthcare being the most breached industry in 2022 and the second most breached in 2023, according to Kroll’s Data Breach Outlook.
The story becomes more interesting when looking at where healthcare organisations are sourcing their cybersecurity. Healthcare organisations are 65% less likely to fully outsource their cybersecurity services than the average organisation. However, of the healthcare respondents who currently manage all their cybersecurity services in-house, 62% confirmed that they have plans to outsource in the next 12 months. Outsourced managed security could help the healthcare industry close the self-diagnosis gap and better protect themselves in the future.
Devon Ackerman, Global Head of Incident Response, Cyber Risk at Kroll, commented: “The self-diagnosis gap between healthcare’s confidence in its security and its real-world security capabilities is particularly worrying considering that a cyber incident could disrupt hospital operations and have devastating outcomes for patient care and treatment, even putting human lives at risk. Unfortunately, healthcare is a wide-reaching environment with varying levels of investment and IT complexity, not to mention extremely time-poor staff that need both maximum convenience and security from IT operations. This is often why relying on a trusted external third-party provider, with visibility into the changing threat landscape, can be a game-changer for improving security resilience to protect against today’s threats.”
Key findings from Kroll’s State of Cyber Defence: Diagnosing Cyber Threats in Healthcare report include:
- Above-average confidence: Healthcare is the most likely industry to self-report as having very mature security. Only a tiny fraction of healthcare respondents (3%) said that they do not trust their organisation’s ability to defend against most cyberattacks.
- Below-average capabilities: Unfortunately, the real-world security capabilities of healthcare organisations are below average. Of healthcare businesses, 26% rank as having low cyber maturity, and healthcare performs badly in comparison to other sectors that scored highly for self-reported security.
- In-house security services: Healthcare organisations are 65% less likely to outsource their cybersecurity services than other sectors due to the dynamic nature of these work environments. However, nearly two-thirds (62%) of healthcare companies that currently handle everything in-house plan to outsource some services in the next 12 months.
- Credential access fears: Healthcare respondents selected credential access as their number one fear—more than ransomware, BEC and phishing. Interestingly, credential access was the least significant threat according to all other industries.
- Email compromise and ransomware: Kroll Threat Intelligence finds that a third of cases (33%) infiltrated healthcare networks through the use of phishing links, and email compromise (37%) and ransomware (34%) are the two most common incident types.
- Top target for breaches: The healthcare industry is one of the most breached industries, ranking first in 2022 and second in 2023 in Kroll data. Further, the industry has had YoY increases in the number of inquiries and identified monitoring activations.
The State of Cyber Defence: Diagnosing Cyber Threats in Healthcare report is a combination of survey data from 1,000 global senior IT security decision-makers and Kroll data from its front-line threat intelligence and experience of handling over 3,000 yearly incidents. The third-party survey was carried out by an independent specialist in market research, Vanson Bourne, and all respondents had some responsibility or knowledge of cybersecurity within their organisation.
To download the State of Cyber Defense: Diagnosing Cyber Threats in Healthcare report, please click here.
