Healthcare Security Readiness

Breaches and ransomware continue to cause alarming impact and disruption across the Health & Life Sciences (HLS) industry worldwide. The global average total cost of data breaches is now USD 3.62 million, with healthcare having the highest per-capita cost across all industries at USD 380 per patient record. Ransomware infections such as the WannaCry attack in May 2017 severely disrupted HLS critical infrastructure as encrypted patient information became unavailable, compromising patient care and forcing many HLS organizations to direct patients elsewhere.

In 2016, ransomware payments were expected to exceed USD 1 billion, according to the FBI. Global ransomware damage costs are predicted to exceed USD 5 billion in 2017, up over 1,400 percent from USD 325 million in 2015, making cybercrime and ransomware increasingly lucrative and likely to continue to grow.

Many breaches and ransomware attacks are untargeted, opportunistic, and affect HLS organizations that are lagging in cybersecurity and relatively vulnerable. However, HLS organizations typically do not know how their security capabilities compare with the industry and peers.

The Intel® Security Readiness Program (SRP) is a global open industry initiative with over 40 partners collaborating worldwide to enable HLS organizations to benchmark their cybersecurity compared to the HLS industry and peer organizations of a similar focus, locale, and size. Currently, this program has over 143 HLS organizations participating across nine countries, and is projected to more than double through 2018. In this whitepaper, we share highlights from industry level, aggregate, and anonymous results of the SRP.

Ransomware (85 percent) is by far the highest priority, followed by Cybercrime Hacking (78 percent), and Insider Accidents or Workarounds (65 percent).

A wide distribution in security readiness is evident across all eight breach types; for example, ransomware readiness scores range from 17 percent to 91 percent with an average of 60 percent, indicating there are many HLS organizations that are significantly lagging in security and relatively vulnerable, and on average the HLS industry has a lot of room for improvement in anti-ransomware security capabilities. Readiness for a given breach type reflects the percentage of capabilities the HLS organization has implemented that are relevant to mitigating risk of that breach type. Average readiness scores across eight breach types (see Table 1) range from 49 percent to 61 percent indicating the HLS industry has much room for improvement in security capabilities to mitigate risk of breaches and ransomware.

Several foundational security capabilities in the baseline tier of maturity had relatively weak levels of implementation including Endpoint Data Loss Prevention (Discovery Mode) (20 percent), Audit and Compliance (59 percent), Endpoint Device Encryption (62 percent), and Security Incident Response Plans (61 percent). These security capabilities represent areas in urgent need of improvement for the HLS industry.

On the other hand, several foundational security capabilities in the baseline tier had relatively strong levels of implementation including Firewall (92 percent), Anti-malware (92 percent), and Backup and Restore (89 percent). These represent areas where the HLS industry is relatively strong in security and in less need of attention.

Future breaches and ransomware attacks are likely to increasingly use broadcast phishing emails, computer worms, and other highly scalable propagation techniques to infect and penetrate the broadest possible target base, thereby increasing their total available market for monetization. It is therefore increasingly important for HLS organizations to understand how their security posture compares with peers and the industry and be prepared to proactively remediate security capability gaps as needed to mitigate risks and enable improved patient care.