Report: Healthcare, Higher Ed Were Top 2 Cyber Targets in 2013

A cyber security firm says that three industries accounted for nearly two-thirds of all of its cyber events, and two of those three were healthcare and higher education.

Kroll has released an overview of the cases it handled for U.S. clients last year, and healthcare and educational institutions accounted for more than half of the company’s client events. Healthcare organizations were the victims in 38% of the attacks, and educational institutions were victims in 13% of the attacks. Financial institutions accounted for 9% of the firm’s cyber security events.

The study claims that 78% of healthcare cyber crises were tied to human error, and 22% involved an act of malicious intent. By contrast, nearly three out of four (73%) higher ed cyber events were linked to a malicious act. The report says insiders are responsible for 51% of breaches in general (either malicious or unintentional). It also predicts that educational institutions will experience more attacks in the near future.

“The collaborative, open nature of most institutions makes the implementation of security protocols a challenge,” the report says in describing the differences between healthcare and education data security. “In addition, while both sectors are regulated by federal privacy laws, the Health Insurance Portability and Accountability Act (HIPAA) HITECH requirements have provided healthcare organizations with incentives to update security through oversight from the Department of Health and Human Services and Office for Civil Rights. Consequently, we have seen entities in this sector tightening their security protocols. Without similar regulatory development, educational institutions have not seen similar hardening of security walls and protocols.”

The challenges associated with healthcare losses include improper controls over data and a lack of understanding of who has access to key data; unnecessary retention of data; and too many people having access to data.

If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century

This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!

Get Our Newsletters
Campus Safety HQ