Data Breach Causes: Hacking/IT incidents were the primary cause, accounting for 73% of breaches in 1H 2023. Compared to the first-most affected breach type in the previous reporting period, unauthorized access/disclosure was the second-most prevalent type in 1H 2023. Theft, losing records, and improper disposal were relatively insignificant contributors to data breaches.
Hacker Entry Points: The focus on network server vulnerabilities and the adaptation of defense against email-related hacks point to a continual evolution in the cyber landscape. Hackers have shifted their tactics towards targeting network vulnerabilities. Network server breaches are responsible for a staggering 97% of individual records affected, while only 2% can be attributed to email breaches.
Ad Statistics
Times Displayed: 46196
Times Visited: 1302 Ampronix, a Top Master Distributor for Sony Medical, provides Sales, Service & Exchanges for Sony Surgical Displays, Printers, & More. Rely on Us for Expert Support Tailored to Your Needs. Email info@ampronix.com or Call 949-273-8000 for Premier Pricing.
Evolved Attacker Tactics: Hackers have intensified their attacks on third-party business associates as breaches associated with business associates have steadily risen and were significantly higher than individuals affected in healthcare provider and health plan-related breaches. Of the 40 million exposed records, 48% were linked to business associates, while 43% were associated with healthcare providers. In the first half of 2023, 50% of individuals impacted by a breach had a business associate present.
“Our report found that hackers are increasingly targeting the weakest links and vulnerable points in the supply chain, specifically business associates or third-party companies, that offer services to healthcare organizations emphasizing the importance of effective incident response planning and proactive defense strategies,” said John Delano, Healthcare Cybersecurity Strategist at Critical Insight and Vice President at CHRISTUS Health. “Now more than ever, healthcare organizations must remain vigilant of their security and exposures within their supply chain as attackers constantly adapt new strategies.”
To adequately prepare, organizations should: start with an incident response plan and a NIST-CSF-based risk assessment to build a multi-year strategy; track the cyber hygiene of its critical partners essential to maintaining a more secure environment; place robust focus on safeguarding third-party vendors, business associates, and suppliers from vulnerabilities; ensure support from the board, emphasizing the most critical impact for the investment.
About Critical Insight
Critical Insight is the only cybersecurity-as-a-service provider that prepares, monitors and responds to cyber threats, going beyond SOC-as-a-service offerings typical of Managed Detection and Response (MDR) offerings. With a focus on organizations that deliver critical services – hospitals, local governments, utilities, school systems, and more – we provide end-to-end support to those with limited security teams or budgets to handle threats proactively and as they occur. Based in Bremerton and Seattle, Washington, Critical Insight is a venture-backed company founded by former CISOs in the public sector. We are committed to training new analysts and providing the most up-to-date cybersecurity protection.
Back to HCB News
