Research demonstrates healthcare sector lags in cybersecurity despite higher risk for attacks
SAN JOSE, Calif.--Skyhigh Security today released the Skyhigh Security Cloud Adoption and Risk Report, Healthcare Edition, which investigates the state of cloud security in healthcare organizations, including patient care facilities and healthcare technology companies. This report explores the healthcare vertical data from Skyhigh Security’s The Data Dilemma: Cloud Adoption and Risk Report, which provides a comprehensive look at data security challenges across industries.
While healthcare parallels other sectors in cloud adoption trends, it faces distinct obstacles regarding data security and trust in the cloud. Cyber attackers often target healthcare organizations to attempt to steal highly prized data, such as personal health information (PHI), insurance claims data, clinical trial information, and more. And unfortunately, they’re often successful.
The report shows that 86% of healthcare organizations have experienced data theft compared to only 80% across all industries. Software-as-a-Service (SaaS) security issues are also rising far more quickly in this sector than others. But despite the elevated threat level, only 51% of healthcare organizations are committed to investing more in cybersecurity, versus 56% across all industries.
To keep sensitive data secure and private, the healthcare sector has been hesitant to embrace cloud services. While other industries have seen a 50% average uptick in cloud services in use, the adoption rate in healthcare is only half of that, at 25%. However, there’s been steady movement to increase utilization. Although the healthcare industry still stores the least amount of sensitive data in the public cloud (47%) compared to all industries (61%), they are up from only 35% in 2019.
“Apprehension about cloud security remains high in the healthcare sector, but there are a variety of factors making greater trust in the cloud necessary—such as the increase in hybrid work and anytime, anywhere collaboration,” said Rodman Ramezanian, Global Cloud Threat Lead at Skyhigh Security. “Healthcare organizations have historically stored sensitive data on premises, but there’s been a shift to cloud and hybrid providers. By adopting unified, zero trust cloud security solutions, organizations can increase cloud use without putting sensitive data at risk and allow their leaders to focus on what’s most important--supporting the health and wellbeing of our communities.”
Top Challenges to Overcome
While healthcare’s adoption and trust in the cloud is trending in the right direction, the sector lacks critical visibility into who is using sensitive data, where it’s being stored and how secure their apps and services are. For example, healthcare organizations perform audits of their applications less frequently than their peers in other sectors and are less likely to use identity and access management to monitor access to resources. Other top challenges for healthcare include the following: Shadow IT, complex or outdated infrastructure, IT budget constraints and cybersecurity talent shortages.
The Treatment Plan
On the bright side, healthcare organizations recognize their heightened cybersecurity risks and are taking action to reduce data threats. The report finds that healthcare is most likely of all sectors to deploy data loss prevention (DLP) and encryption solutions, at 30% versus 23% for all industries. Like its peers, 40% of the healthcare sector is interested in adopting a zero-trust approach.
The research presented in the report points to the advantages of a single, centralized Security Service Edge (SSE) solution that simplifies cloud security and enables security teams to apply consistent data protection controls and policies across the web, cloud, and private apps — from anywhere, any application, and any device.
To learn more, register for Skyhigh Security’s upcoming webinar on October 19 in Asia Pacific, North America and Asia Pacific and Japan.
Additional Resources:
- Download the Report and Infographic
- Read the Blog
- Find out more about Skyhigh Security Service Edge
Methodology
Skyhigh Security commissioned independent market research agency Vanson Bourne to conduct this research, which is based on the results of 92 IT decision makers and IT specialists with cloud involvement from organizations in the United States, Brazil, United Kingdom, France, Germany, India, Australia, Japan, and Canada. These organizations have 500 or more employees and represent the healthcare sector. More information on the full research methodology can be found within the global report.