Analecta Cyber Company Blog: Hospitals missing the fundamentals. Security budgets grow, but breaches continue.

2016-11-04

Hospitals missing the fundamentals. Security budgets grow, but breaches continue.

Based on healthcare industry spending, budgets for cyber security have increased more than 50% since 2013, however, breaches continue.

Data breaches have continued to increase, more than 26% between 2013 and 2015. Hundreds of millions of records have been breached according to the HHS Office of Civil Rights (OCR).

Many believe that increased budgets in cyber security will immediately decrease the number of breaches, however, the human element is often overlooked. The number one cause of cyber security failures is a lack of fundamentals - security best practices.

It goes back to how you build and strengthen an organization’s security through various infrastructure controls. For example, employees should have the absolute minimum access to information required to do their job. By restricting employee access to records, records outside their regular access require more sophisticated hacking techniques to access.

System changes and configuration changes overtime are a given, things change with any growing or changing organization. But the importance of well-organized, documented, trained and educated security procedures remains critically important.

Using NIST guidelines and approaching the Healthcare security self-audit honestly will go a long way toward building strong baseline protections that are a necessary foundation for the cyber security budget increases to improve actual security posture within an organization.