Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

7/31/2017
12:35 PM
50%
50%

Healthcare Execs Report Rise in Data Breaches and HIPAA Violations

IT executives, however, increasingly believe they are "completely ready" to withstand a cybersecurity attack on their healthcare system.

A survey of IT healthcare executives found that 47% have suffered a data breach or violation of the Health Insurance Portability and Accountability Act (HIPAA) at their organization this year, compared to 37% in 2015.

Even so, 35% of the 100 IT healthcare executives believe they are "completely ready" to offset a threat, compared to 16% in 2015, according to the KPMG 2017 Cyber Healthcare & Life Sciences Survey released today.

Boards of directors, meanwhile, show a declining interest in cybersecurity, according to the survey. The report found 79% are putting cybersecurity as a board agenda item on the list at meetings, down from 87% in 2015. Healthcare companies are also spending less on cybersecurity, with 66% indicating they made investments in this area in the past 12 months – down from 88% in 2015.

"There needs to be a higher degree of vigilance among boards and executive suites as attacks become much more sophisticated, especially as doctors need to share information to improve quality and as connected medical devices and wearables proliferate," KPMG's Healthcare Advisory Leader Dion Sheidy says in a statement. "The WannaCry ransomware hack in May was a warning shot against our collective ability to protect patient safety and privacy."

Read more about the survey here.

Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article. View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: He still insists that security by obscurity is the way to go.
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-9681
PUBLISHED: 2019-09-17
Online upgrade information in some firmware packages of Dahua products is not encrypted. Attackers can obtain this information by analyzing firmware packages by specific means. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X...
CVE-2019-9009
PUBLISHED: 2019-09-17
An issue was discovered in 3S-Smart CODESYS before 3.5.15.0 . Crafted network packets cause the Control Runtime to crash.
CVE-2018-20336
PUBLISHED: 2019-09-17
An issue was discovered in Asuswrt-Merlin 384.6. There is a stack-based buffer overflow issue in parse_req_queries function in wanduck.c via a long string over UDP, which may lead to an information leak.
CVE-2019-12755
PUBLISHED: 2019-09-17
Norton Password Manager, prior to 6.5.0.2104, may be susceptible to an information disclosure issue, which is a type of vulnerability whereby there is an unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.
CVE-2019-14826
PUBLISHED: 2019-09-17
A flaw was found in FreeIPA versions 4.5.0 and later. Session cookies were retained in the cache after logout. An attacker could abuse this flaw if they obtain previously valid session cookies and can use this to gain access to the session.