Third-party vendors made the healthcare sector most vulnerable to cyberattacks in 2022, as at least 55 percent of healthcare organizations suffered a data breach in the last 12 months due to vendors, Security Magazine reported Jan. 18.
Here are the top three healthcare cybersecurity vulnerabilities to be aware of, according to the report:
- Third-party data breaches: A typical healthcare organization has an average of 1,320 vendors under contract, and it has been reported that at least 55 percent of healthcare organizations have suffered a third-party data breach in the last 12 months. The Department of Health and Human Services' HIPAA breach reporting website also showed that half of the 10 largest healthcare-related data breaches reported in 2022 were caused by vendors or business associates.
- Cloud breaches: Healthcare organizations store almost 73 percent of their sensitive data in the cloud, and according to a survey by data security company Netwrix, 61 percent of healthcare organizations said they had experienced an attack on their cloud infrastructure in the last 12 months, with phishing being the most common cloud breach tactic.
- Internet of Things attacks: According to the report, 53 percent of IoT devices are vulnerable to cybersecurity breaches. The most vulnerable of these devices is the IV pump, which accounts for 38 percent of a typical hospital IoT footprint, while Voice over Internet Protocol accounts for 50 percent of IoT devices in a hospital.