Endpoint Protection

 View Only

Responding to Data Breaches in the Healthcare Industry 

Aug 27, 2014 03:30 PM

The healthcare industry has for years been the number one industry in reported data breaches.  But this dubious honor has been driven in some part because healthcare has the most stringent reporting requirements of any industry.  In other words, unlike other industries, they have to report a data loss.  If every industry had the same reporting requirements, things might look quite different. 

Additionally, while healthcare has had the largest number of reported breaches, it has one of the lowest percentages of actual records lost.   Healthcare has more breaches than other industries, but each loss on average is quite small.

In 2013, according to Symantec’s Internet Security Threat Report (ISTR), 78% of all breaches in healthcare were because of theft or loss of a devices or because the data was accidently made public.  These are preventable breaches when encryption and data loss prevention are used.   So the industry can easily reduce the number of data breaches with tools that already exist.

According to the ISTR in 2013 only 12% of data breaches in Healthcare were caused by hackers.  It might be tempting for the healthcare industry to be less concerned about losing data to hackers.  That would be wrong.

Recent events have highlighted the fact that hackers have discovered very valuable personal information contained within healthcare records.  The three most prevalent pieces of data lost in breaches are real names, birth dates and government ID numbers.  These are the trifecta of identity theft.  Every provider keeps this data as part of their patient healthcare records and attackers have figured out that the healthcare industry is behind in their ability to protect this information.

Of current concern is a threat called Miras.  A new variant of this threat has been targeting the healthcare industry.  Once on a machine, it allows attackers easy access to a compromised system with the ability to steal information and execute commands.  Symantec detects this threat as Backdoor.Miras.

Part of Symantec’s job is to respond to new threats.  The threat landscape changes quickly and the ability to react is critical. We depend on the Symantec’s Global Intelligence Network to discover the latest threats.   But we also depend information from law enforcement and most especially from our customers.  Recently, information from one of our healthcare customers, working with their Symantec Business Critical Account Team, allowed us to update detections for a new Miras variant.  We were able to quickly change an existing generic detection to protect against a specific new variant of the threat they had information about.

The threat landscape today is to complex and too fast for security to be a passive undertaking.  We don’t have time to wait.  Security vendors need to respond quickly to intelligence and this will come from advanced systems and networks  we have in place.  But it also comes from customers.  This partnership is more important now than ever.

Statistics
0 Favorited
0 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Related Entries and Links

No Related Resource entered.