News Feature | December 5, 2014

Providers Increase Cybersecurity Spending

Katie Wike

By Katie Wike, contributing writer

IG Report Recommends Ways To Boost ECS’s Participation Rate, Efficiency

Six of 10 providers increased their cybersecurity spending over the last three years, according to a survey by IDC Health Insights.

A report from IDC Health Insights shows cybersecurity is a top concern of providers. Of the 100 organizations surveyed, 59.6 percent said they had increased spending on cybersecurity in the last three years. Thirty-eight percent said spending levels remained the same.

“Today's healthcare organizations are at greater risk of a cyber-attack than ever before, in part because electronic health information is more widely available today than in the nearly 20 years since the Health Insurance Portability and Accountability Act was passed in 1996,” states Lynne A. Dunbrack, research vice president, IDC Health Insights. “For healthcare organizations, it's not a matter of whether they are going to be attacked but when.”

According to iHealth Beat, the survey further found 100 percent of those surveyed had responded to a cyber-attack in the last year. Also, 39 percent experienced 10 or more cyber-attacks with 27 percent of those attacks deemed “successful.”

After physical loss or theft of a laptop, mobile or portable device, malicious hacking or IT incident was the most common breach reported on the Department of Health and Human Services (DHHS) Web site, explains a press release from IDC.

“Healthcare cybersecurity strategies need to take a comprehensive approach and include not only react and defend capabilities but also predict and prevent capabilities to effectively thwart cybercriminals,” says IDC Health Insights.

“To take a more proactive stance in protecting themselves against cyber threats and attacks, healthcare organizations will need to invest in threat intelligence reporting which combines reports from security vendors and the organization's own network logs.  Predictive analytics can then be applied against these external and internal data feeds to help identify behaviors that suggest that systems are being compromised and under attack.”