Study: Healthcare IT Professionals Overconfident in Breach Detection Skills | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

Study: Healthcare IT Professionals Overconfident in Breach Detection Skills

December 15, 2016
by Heather Landi
| Reprints

In a study evaluating the confidence of IT professionals regarding the efficacy of seven key security controls to help detect a cyber attack in progress, healthcare IT professionals were overconfident in their ability to quickly collect the data needed to identify and remediate a cyber attack.

Tripwire, a provider of security and compliance solutions, sponsored the study, which was conducted by Dimensional Research. The study evaluated the confidence vs. knowledge of IT professionals regarding the efficacy of seven key security controls, which must be in place to quickly detect a cyber attack in progress. Respondents of the Tripwire 2016 Breach Detection Study included 763 IT professionals from various industries, including 101 participants from the health care sector.

For many controls, IT professionals believed they had the information necessary to detect a breach quickly—but provided contradictory information about the specific data, according to the study report.

The Tripwire study also cites data from Verizon’s 2016 Data Breach Investigations Report which indicates that 63 percent of successful system compromises in the health care industry occurred within minutes, 56 percent of data breaches impacting the health care sector actually took months to detect.

The Tripwire study found that 90 percent of healthcare IT professionals believe they could detect configuration changes to endpoint devices on their organization’s networks within hours, but less than half (49 percent) know exactly how long it would take their vulnerability scanning systems to generate an alert.

“There’s no argument that these basic controls work and contribute directly to an organization’s cyber security, yet the research shows they are not in place at enough health care organizations,” Tim Erlin, senior director of IT security and risk strategy at Tripwire, said in a statement. “This is occurring at a time when the health care industry is facing unique cyber threats, from physical theft to sophisticated ransomware campaigns.”

Erlin continued, “The basics of finding unauthorized devices and vulnerabilities and applying patches in a timely manner should be done at every organization in order to create a baseline of cybersecurity. These fundamental controls should be in place before organizations look at the latest shiny security object.”

The study results also indicated that nearly two-thirds (60 percent) of the healthcare IT respondents believe their automated tools do not pick up all of the critical details or information that is needed to identify the locations and departments where the unauthorized devices were detected.

Eighty-three percent of the respondents believe they could detect configuration changes to a network device within hours; however, only a little over half (54 percent) know how long the process would actually take.

Nearly half of the respondents (45 percent) said critical vulnerabilities detected by their scanning tools are not fixed or remediated within 30 days. Additionally, 43 percent of the respondents said less than 80 percent of patches succeed in a typical patch cycle.

The study is based on seven key security controls required by a wide variety of compliance regulations, including PCI DSS, SOX, NERC CIP, MAS TRM, NIST 800-53, CIS Top 20 and IRS 1075. These controls also align with the United States Computer Emergency Readiness Team’s (US-CERT) recommendations and international guidance, such as the Australian Signals Directorate’s Strategies to Mitigate Targeted Cyber Intrusions.

When implemented across an organization, these controls deliver specific, actionable information necessary to defend against the most pervasive and dangerous cyber attacks. According to the study authors, it is vital for organizations to identify indicators of compromise quickly, so that appropriate action can be taken before any damage is done.


Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More



Study: EHRs Tied with Lower Hospital Mortality, But Only After Systems Have Matured

Over the past decade, there has been significant national investment in electronic health record (EHR) systems at U.S. hospitals, which was expected to result in improved quality and efficiency of care. However, evidence linking EHR adoption to better care is mixed, according to medical researchers.

Nursing Notes Can Help Predict ICU Survival, Study Finds

Researchers at the University of Waterloo in Ontario have found that sentiments in healthcare providers’ nursing notes can be good indicators of whether intensive care unit (ICU) patients will survive.

Health Catalyst Completes Acquisition of HIE Technology Company Medicity

Salt Lake City-based Health Catalyst, a data analytics company, has completed its acquisition of Medicity, a developer of health information exchange (HIE) technology, and the deal adds data exchange capabilities to Health Catalyst’s data, analytics and decision support solutions.

Advocate Aurora Health, Foxconn Plan Employee Wellness, “Smart City,” and Precision Medicine Collaboration

Wisconsin-based Advocate Aurora Health is partnering with Foxconn Health Technology Business Group, a Taiwanese company, to develop new technology-driven healthcare services and tools.

Healthcare Data Breach Costs Remain Highest at $408 Per Record

The cost of a data breach for healthcare organizations continues to rise, from $380 per record last year to $408 per record this year, as the healthcare industry also continues to incur the highest cost for data breaches compared to any other industry, according to a new study from IBM Security and the Ponemon Institute.

Morris Leaves ONC to Lead VA Office of Electronic Health Record Modernization

Genevieve Morris, who has been detailed to the U.S. Department of Veterans Affairs (VA) from her position as the principal deputy national coordinator for the Department of Health and Human Services, will move over full time to lead the newly establishment VA Office of Electronic Health Record Modernization.