SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
Story image
Cloud services top threat vector for healthcare industry
Thu, 25th Mar 2021
FYI, this story is more than a year old

Cloud services represent a multi-million dollar threat vector for the healthcare industry, according to new research from Infoblox.

The research focuses on the cybersecurity and network infrastructure challenges faced by decision-makers in the healthcare industry.

The report reveals major challenges this critical industry faced as healthcare IT workers scrambled to secure protected health information (PHI) and the infrastructure against the COVID-19 pandemic's complex cybersecurity and networking challenges.

Key survey findings include:

Data breaches and network outages are a real and growing cost for the industry: Nearly half (43%) of respondents estimated the costs of data breaches would exceed $2 million and more than one-third (34%) said the same for network outages.

The healthcare industry is a target: More than half of respondents (52%) suffered a data breach in the past year.

Attackers are focusing on the cloud: Cloud vulnerabilities and misconfigurations, IoT attacks and data manipulation are the most expected cyber threats the industry faces in the next 12 months, each cited by nearly 20% of respondents.

Cloud networks remain vulnerable: 53% of respondents experienced data breaches in cloud networks, the biggest attack vector from the past year.

Knowledge is half the battle: Respondents cited network monitoring (71% of respondents) and threat intelligence (61%) as the most effective mitigation tactics against the threats they faced in 2020.

The survey also found that financial losses from network outages tend to be only marginally lower than those from data breaches, demonstrating that losses from normal business interruptions can be as damaging as those from hacks.

Respondents universally recognised that the costs of prevention were lower than the significant direct and indirect costs of these events - for example, fines, equipment replacement, victim remediation, loss of reputation and customer losses.

Infoblox VP of product marketing Anthony James says, "The coronavirus pandemic continues to highlight the unique cybersecurity needs of the healthcare industry, even as it has increased the number of threats these organisations face.

"PHI is both highly prized by cyber criminals and strictly regulated by governments, raising the stakes for the industry as it adapts cloud-first technologies in response to the shutdown's remote work mandate."

James says, "Fortunately, the industry recognises the need and value of prevention when it comes to protecting this critical data and understands that DNS is one of the most cost-effective ways to secure their networks from a variety of malicious threats before they infiltrate the network.

According to James, healthcare organisations can implement solutions that securely extend a network into the cloud and leverage insights from DNS traffic, as well as other threat intelligence feeds and mitigation tools to provide defense-in-depth for on-premises and remote network architectures.

Cloud-managed network services, such as what Infoblox provides, can enable businesses to simplify network management and automate critical tasks as best suits the team.

The survey is based on responses from nearly 800 healthcare IT decision-makers in North America, Latin America, Europe and the Asia-Pacific region.