Home News Insider Threats in Health Care: More Concerning Than Ever Before

Insider Threats in Health Care: More Concerning Than Ever Before

Insider attacker leak data

A recent survey from cybersecurity firm Netwrix revealed that majority of the health care organizations are now concerned about insider threats than before the pandemic. In its 2020 Cyber Threats Report, Netwrix highlighted that over 71% of health care providers are worried about the risks of data theft due to the negligence or mistakes of their employees and IT admins. Earlier, organizations in health care sector were mostly concerned about employees accidentally sharing sensitive data (88%) and rogue admins (80%), but now they are worried about phishing (87%), admin mistakes (71%), and data theft by employees (71%).

“Their perceptions of risk are both founded and unfounded. They are correct to be concerned about phishing and IT staff errors, since those types of incidents were experienced by 37% and 39% of respondents, respectively, during the first few months of the pandemic. However, even though 37% suffered improper data sharing, concern about this risk plummeted by 32% points since the pandemic began,” the report stated.

Key Findings

  • Every third health care organization surveyed (32%) experienced a ransomware attack, which is the highest result among all verticals studied.
  • 26% of health care organizations reported data theft by employees; 49% of them were unaware of the incident for weeks or months.
  • Concern about supply chain compromise dropped by a record 50 percentage points from the pre-pandemic level; now, only 25% say it is a top security threat.
  • No respondents were able to discover improper data sharing in minutes. 26% needed hours and 74% had to spend days, weeks, or months to flag the incident.
  • 8 out of 10 health care organizations regularly report on the state on cybersecurity to executive leadership, and 47% are convinced it takes too much time and effort.

“With 39% of health care organizations experiencing incidents due to errors by IT staff, this industry should pay particular attention to the activities of privileged users. Even one mistake can bring the entire organization to a standstill, leaving it unable to take care of patients. To mitigate the risk of admin mistakes, it is essential to rigorously enforce the least privilege principle through regular privilege attestation. To ensure quick detection of unauthorized modifications, health care organizations are advised to automate both monitoring of changes and checking of all system configurations against a healthy baseline,” said Ilia Sotnikov, VP of Product Management at Netwrix.