The healthcare sector has seen a 53.3% increase in the average cost of data breaches since 2020, according to a recent study by IBM. The current average cost of a data breach in the healthcare sector is $10.93 million. This is significantly higher than the average cost across all sectors, which is $4.45 million.
The high cost of data breaches in healthcare can be attributed to several factors. The sector is highly regulated, which increases the immediate cost of breaches. Additionally, the nature of the data held by healthcare organizations makes them an attractive target for cyber criminals. Cyber attacks on healthcare organizations, such as ransomware attacks, have compromised the personal information of millions of patients. This puts healthcare providers at a higher risk compared to other sectors.
The IBM report also highlighted that phishing and stolen or compromised credentials were the two most common initial attack vectors across all sectors. Cyber criminals often target employees through sophisticated phishing attacks, exploiting them as the “weakest link” in a company’s security defenses. Phishing attacks accounted for 16% of breaches, while stolen or compromised credentials accounted for 1%. Other common attack vectors in the healthcare sector included cloud misconfiguration and business email compromise.
To strengthen their security defenses, healthcare organizations must address the vulnerabilities posed by phishing attacks and compromised credentials. The latest phishing attacks are difficult for employees to detect, and they require additional assistance. This is particularly crucial in the healthcare sector, where any downtime can have a significant impact on frontline services and patient care.
The use of AI and automation solutions has proven to be effective in combating data breaches. Organizations that extensively use AI in their defense systems were able to identify and contain breaches 108 days shorter than those without these capabilities. These organizations also reported a $1.76 million lower data breach cost. The implementation of AI can help shorten the impact of breaches on frontline services and reduce the amount of sensitive data stolen.
One prominent entry point for cyber criminals in healthcare is through third-party suppliers. Healthcare supply chains are often vast and complex, making it difficult for organizations to identify vulnerabilities. AI-powered solutions can provide a 360-degree view of the supply chain, helping healthcare organizations detect and close vulnerabilities. This real-time view enables organizations to quickly address weaknesses before cyber criminals exploit them.
While the rising cost of data breaches remains a concern for the healthcare sector, the use of AI offers a glimmer of hope. Implementing AI solutions can help reduce the cost and time taken to identify and respond to breaches. Healthcare organizations must prioritize strengthening their defenses to protect critical frontline services and mitigate the impact of cyber attacks.
Sources:
- IBM’s cost of data breaches study
- Northdoor, IT consultancy based in London
