Insight Inc., a specialist in cybersecurity services, recently published its "Healthcare breach report H1 2023", highlighting the cybersecurity threats faced by the healthcare sector during the first half of 2023.


Overview:

The report reveals that, despite a decrease in the total number of breaches, there was a significant increase in the number of individuals affected. Notably, the focus of the attacks has been on the supply chain and third-party associates. Additionally, there's been a shift in some attackers' strategies from encryption to extortion.


The Breach Landscape:

The first six months of the year saw an encouraging decrease in the overall number of data breaches impacting healthcare organisations. However, this was overshadowed by large-scale breaches resulting in a significant increase in the number of individuals affected, reaching record levels. The report indicates that 2023 is on track to break the record for individuals affected by breaches.


Causes of Data Breaches:

Hacking/IT incidents were the primary cause, accounting for 73% of breaches in H1 2023. Compared to the most affected breach type in the previous reporting period, unauthorised access/disclosure was the second most prevalent type in H1 2023.


Hacker Entry Points and Tactics:

Hackers have intensified their attacks on third-party business associates: breaches associated with them have steadily risen, and the number of individuals affected was significantly higher than in breaches related to healthcare providers and health plans. Of the 40 million exposed records, 48% were linked to business associates, while 43% were associated with healthcare providers. In the first half of 2023, 50% of individuals impacted by a breach had a business associate involved.


What Should Healthcare Organisations Do?

To adequately prepare, organisations should start with an incident response plan and a NIST-CSF-based risk assessment to build a multi-year strategy. A robust focus should be placed on safeguarding third-party vendors, business associates, and suppliers from vulnerabilities. Moreover, it's essential to ensure support from the board, emphasising the most critical impact for the investment.