2015 HIMSS Cybersecurity Survey Prepares Us for Next Year
Ever since Healthcare Information Management Systems Society (HIMSS) North America released the results of its 2015 HIMSS Cybersecurity Survey we have been examining the results showing the need for improved network and endpoint security, along with data loss prevention (DLP), as we prepare for 2016. In publishing its results the Society remarked that the previous six annual surveys focused on data security at a time when organizations primarily were concerned about compliance. This time the focus is on how cybersecurity has changed at healthcare organizations given significant, widely reported healthcare breaches in the last year.
The Survey received 297 valid responses from information security professionals—over 70% being CIOs, CISO, Security Officers, or Director/Mangers and over 75% being from hospitals or healthcare systems.
Respondents indicated a high degree of concern for both external threat actors and insider threat actors. 87% reported that information security had increased as a business priority over the past year, while approximately two-thirds of respondents affirmed that their organization had experienced a considerable security breach. According to the survey the top motivators for improving information security focus were:
- Results of risk assessment
- Phishing attacks
- Negligent insider threat activity – this also had the highest percentage of responses for the origin of the most recent security breach
As we look into 2016 we believe that conducting a 10-day data loss assessment and creating a baseline cybersecurity profile is a key to addressing today’s cyber threats. Focus on what the company’s most prized assets are and the steps being taken to protect them. By successfully protecting these assets other cyber threats including phishing attacks, virus/malware and negligent insider threat activity will be diminished.