Healthcare organizations are more at risk for a cyber attack than ever before thanks to the influx of electronic health information, according to a new report from IDC Health Insights.
Researchers from IDC say that hackers and cyber criminals view healthcare organizations as a soft target compared to financial services and retailers. This is because of fewer investments from healthcare organizations in IT, specifically with security technologies. They also find health information valuable, say the researchers.
Surveying IT leaders at healthcare organizations, the researchers found that every single one had had experienced a cyber attack in the past 12 months. Nearly 40 percent reported that they were attacked more than 10 times and 27.1 percent of the attacks were described as "successful attacks." Roughly 25 percent of the attacks had an impact on normal business operations. The majority of respondents (52.2 percent) indicated that the shortest impact lasted less than an hour and 43.3 percent reported that the longest duration was between 8 and 24.
Healthcare organizations are spending more to thwart these attacks. Nearly 60 percent said their budget for data security against hackers increased. The average increase in spending for all organizations was 14.8 percent.
"For healthcare organizations, it's not a matter of if they are going to be attacked but when. Healthcare cyber security strategies need to take a comprehensive approach and include not only react and defend capabilities, but also predict and prevent capabilities to effectively thwart cybercriminals,” Lynne A. Dunbrack, research vice president, IDC Health Insights, said in a statement.