The Threat Environment

The security threat landscape keeps evolving. A growing ecosystem creates a larger attack surface for organizations and security providers to protect. In that environment, the cybercrime industry grew to $450 billion dollars in 2016 and continues to expand. This is being compounded by the incredible growth in the ecosystem in the number of devices, cloud apps, data transactions, and connected users. There will be an estimated 50 billion devices by 2020, 65% of those mobile. An enormous annual 2.3ZB of global IP traffic will account for a 300% growth in 5 years.rger attack surface for organizations and security providers to protect. In that environment, the cybercrime industry grew to $450 billion dollars in 2016 and continues to expand. This is being compounded by the incredible growth in the ecosystem in the number of devices, cloud apps, data transactions, and connected users. There will be an estimated 50 billion devices by 2020, 65% of those mobile. An enormous annual 2.3ZB of global IP traffic will account for a 300% growth in 5 years.

The Black Market for Medical Records

There is a Black Market for medical records. This has particular implications for healthcare organizations because medical records are in high demand due to their premium value. While a credit card number is worth somewhere between .25 and $1, a medical record can be sold for between $10 and $50.

When a credit card number is stolen, the cardholder will get a call from the card issuer informing them that their card has been breached. Then, they are informed that the card has been cancelled and a replacement has been sent. Medical records contain names, address, birthdates and Social Security numbers which can not be changed and they have no expiration date. Stolen medical records are used to commit Medicare fraud, health plan fraud, and health insurance fraud. They can also be used to file phony tax returns for refunds.

In combination, the information contained in stolen medical records makes them of high value to cybercriminals, causing them to be targets of high demand.

Attackers - Smart and Sophisticated

Not only is the attack surface growing, but attackers are getting smarter and more sohisticated. Cyber crime groups increasingly operate like traditional business. Far removed from the days of the "Nigerian" email scammers asking idividuals to send money to bogus business officials in Nigeria. Today's attackers, usually operating from places where they are able to function with no risk of prosecution, are often formidable with corporate structures, significant financial resources, white-collar employees, regular hours, and all of the other trappings of a successful organization.

They have a high amount of technical education, often from places with an otherwise poor job market. Many of the groups are located in Eastern Europe and from Internet-supported areas in Africa and Asia.

The spoofing and phishing messages that are a product of their efforts are cleverly crafted and could easily trick savvy user targets into opening them. Similar tactics are used in threats from URL spoofing, other malicious sites, rogue web applications and additional malware.

Expanding Complexity

A significant factor related to cyber risk is the expanding complexity inherent in today's IT infrastructure. Not only has the number of connected devices increased rapidly, the changing nature of our work environment also impacts breach preparedness.

  1. 25% of users spend their worktime off network.
  2. 65% of companies use 6+ security solutions.
  3. 28% of security constraints are from product incompatability.
  4. The use of cloud applications necessitates securing the cloud in addition to on-premise sites.
  5. Consolidation necessitates extending protection to secondary locations.
  6. The shortage of experienced cybersecurity specialists creates staffing challenges.

The Cost of a Data Breach

From HIPAA fines to remediation costs to reputational loss, data breaches have real-world effects and have a significant financial impact across organizations.

According to the Cisco 2017 Security Capabilities Benchmark Study, after a security breach 38% of organizations see a substantial loss of revenue. 39% of organizations see a substantial loss of revenue. 39& of organizations see a substantial loss of customers. 42% of organizations see a substantial loss of opporunity, and more importantly, 51% of organizations report a $10M and above cost once all is said and done.

In early April 2018, the AnnualNetDilligence Cyber Claims Study revealed that the healthcare and professional services sectors each represented 18% of the total data breaches in 2017. 27% of the breac hes were attributed to hackers while 25% involved insiders. The average cost of a breach for the healthcare industry was $717,000 - which included crisis services, legal defense and legal setltement fees - compared to $394,000 across sectors.

Breach Preparedness

In 2014, the FBI published a warning to healthcare organizations. The notice stated: "The greatest vulnerability to(to the security of patient data) was the perception of IT healthcare professionals beliefs that their current perimeter defenses and compliance strategies were working when clearly the data states otherwise."

In this context, it is necessary to realize that 65% of attacks evade existing security tools. Then, 85% of intrusions aren't discovered for week, while 54% remain undiscovered for months. Traditional  fragmented security can not solve these challenges. Security solution fragmentation is one of the key drivers of the growing threats in the market.

With 65% of organizations using 6 or more incompatible solutions concurrently, as businesses become more complex, individual components are pieced together to meet current needs. Due to this patchwork security solution approach, companies suffer from decreased visibility, losing the understanding of what is covered and what is not, and creating additional security gaps.

Once a system is infected, it can easily spread across the network. These vulnerabilities are great opportunities for cybercriminals to exploit.