The IBM Cybersecurity Report of 2019 details the cyber risk to businesses across industries. A summary of key information is provided here. For more details, please send an email to Ali.Pabrai@ecfirst.com and we will share an executive summary of this report.
The IBM Cybersecurity Report identified an average of 1,440 unique vulnerabilities, per organization. Currently, there are more than 140,000 vulnerabilities recorded. Over the last several years, there has been a significant increase in the number of vulnerabilities disclosed globally and the rate at which they are being reported – nearly one-third (30%) of all vulnerabilities and disclosed in the last three decades have been reported in the past three years. Increasingly, as organizations continue moving to services hosted in the cloud – cloud resources to continue to be a popular target.
State of Cyber Risk in the Healthcare Industry
- The 2018 Ponemon Report states that the healthcare industry has the highest cost per record breached in a cyber incident, at $408
- This cost is nearly twice the amount of the next-highest industry—financial services—at $206 per record breached, and far above the grand average of $148
- Cybersecurity in the healthcare industry is not just a risk to critical systems and devices that—for some patients—can mean the difference between life and death
- With the increased deployment of biomedical and patient medical devices that are connected to the Internet, cyber risk in the healthcare industry, is not just a patient data issue, but directly impacts patient safety
Over the last three years, more than 11.7 billion records and over 11 Terabytes of data were leaked or stolen in publicly disclosed incidents. To put the enormity of terabytes in perspective, 11 terabytes is the equivalent of nearly five billion single-spaced typewritten pages. Organizations must be continually prepared to address the business risks associated with disruptive cyber-attacks – which will continue in 2019 and beyond. An important step is to make the strategic decision to base your enterprise cybersecurity and compliance program on a credible framework. I would highly recommend the HITRUST CSF framework as the standard to provide the foundation for your cybersecurity program.
Schedule a complimentary, private 29-minute Webinar to learn more about how HITRUST CSF and the NIST CsF framework can help you plan and organize your cybersecurity priorities. Email Ali.Pabrai@ecfirst.com for more details.
Date: April 02, 2019