Cyber risk a healthcare priority


Cyber security is a top IT initiative for healthcare providers with increased spending on cyber threats increasing over the past three years.

This is according to an IDC Health Insights report, Business Strategy: Thwarting Cyber Threats and Attacks Against Healthcare Organizations.

The majority of healthcare executives surveyed reported that their spending on cyber threats increased (59.6 percent) or stayed the same (38.3 percent) over the last three years. On average, the increase for those respondents that reported an increase was 14.8 percent.

"For healthcare organizations, it's not a matter of if they are going to be attacked but when,” said Lynne Dunbrack, research vice president, IDC Health Insights. “Healthcare cyber security strategies need to take a comprehensive approach and include not only react-and-defend capabilities, but also predict-and-prevent capabilities to effectively thwart cybercriminals.”

The report anticipates that cyber-attacks against healthcare organizations will increase in number and level of sophistication in the next 12 to 24 months. As other industries become more proficient at thwarting cyber-attacks, cyber criminals will continue to cast their nets wider to find vulnerable information assets to exploit.

IDC Health Insights expects that over time spending allocations will change to support predict-and-prevent security strategies rather than defend-and-remediate strategies.

The report concludes that to take a more proactive stance in protecting themselves against cyber threats and attacks, healthcare organizations will need to invest in threat intelligence reporting, which combines reports from security vendors and the organization's own network logs.

Predictive analytics can then be applied against these external and internal data feeds to help identify behaviors that suggest that systems are being compromised and under attack.

Lynne Dunbrack, IDC Health Insights