Insider threats dominated healthcare breaches in February

cybersecurity2
The majority of healthcare breaches last month were the result of insider threats.

First, the good news: Nearly half as many patient records were exposed as a result of a data breach in February compared to the month prior, and far fewer incidents were linked to hacking.

Now, the bad news: Nearly 60% of breaches last month were the result of insider threats and some organizations failed to discover a breach had occurred for more than five years.

That’s according to the most recent Breach Barometer report from Protenus, which identified 31 breach incidents in February involving more than 206,000 patient records. Insiders were responsible for 18 of those incidents, nearly half of which were linked to insider wrongdoing.

RELATED: FBI's James Comey: Cybersecurity too big to tackle alone

It took organizations 478 days on average from the time a breach occurred to the time the Department of Health and Human Services was notified, more than twice as long as breaches identified in the previous month. In two specific instances, a breach went undetected for more than five years.

Although a recent survey shows cybersecurity has become an executive-level priority, several recent reports have highlighted the security vulnerabilities that still plague the healthcare industry.

In a Q&A with Healthcare Informatics, Hussein Syed, CISO of RWJBarnabas Health in New Jersey said his organization is focused on creating awareness about threats and educating users with phishing exercises and internal webinars. He added that access management is one of his top priorities in 2017.

RELATED: Despite small improvements, HHS plagued by persistent cybersecurity gaps

“I’m not just talking about the user accounts, I’m talking about the whole life cycle of user predicting and intelligence around the use of those credentials, such as, when do people log in and log off, what do they do, what is their behavior, so we get a picture and understand a user’s normal behavior,” he said.

This week, the Workgroup for Electronic Data Interchange (WEDI) released a report calling for a culture change to cybersecurity defense in healthcare, adding to a scathing report from the Institute for Critical Infrastructure Technology that urged the industry to utilize artificial intelligence to defend against ransomware attacks.