Over a third (35%) of global healthcare organizations suffered cloud data theft by malicious insiders last year, according to data from Netwrix.
The findings come from the security vendor’s 2021 Netwrix Cloud Data Security Report, based on interviews with 937 IT professionals around the world.
It claimed that while insider theft was less common than phishing (44%) and ransomware (39%) last year, it took far longer to detect and remediate.
In fact, over a quarter of respondents (28%) said they needed weeks to discover such incidents. By contrast, nearly half of IT pros (49%) said they detected phishing in minutes, and 43% said they spotted ransomware and other malware within hours.
Over two-fifths (43%) said they needed weeks to resolve insider data theft incidents, versus just 25% for phishing and 28% for ransomware.
This matters, because 61% of healthcare organizations store customer data in the cloud and 54% store personal health records there. As a result of insider incidents, many are experiencing unplanned expenses to fix security gaps (24%) and compliance fines (23%) at a time when resources need to be focused on fighting COVID-19.
A lack of budget (61%), IT/security skills shortages (56%) and employee negligence (39%) were cited as the sector’s key security challenges.
Netwrix VP of product management, Ilia Sotnikov, argued that healthcare organizations need to focus their investments on three areas: stronger data governance processes to reduce the attack surface; real-time user activity monitoring to speed time-to-detection; and training and awareness programs for IT staff and employees.
“An explosion of telehealth services and the shift of non-clinical employees to work-from-home increased the need for cloud technologies in the healthcare sector. As a result, new avenues for cyber-threats opened up,” he added.
“Moreover, because hospitals and health systems are dealing with high caseloads caused by the pandemic, the threat to care delivery remains extremely high. Our report highlights the lack of security fundamentals that could improve the security posture of these organizations.”