Healthcare and pharma least prepared for external cyber threats

Only 16 percent of healthcare and pharmaceutical organizations have a formal process for monitoring the Internet and social media for external cyber threats.

In addition, just 26 percent of respondents in the healthcare and pharmaceutical industry believe they have the tools and resources to analyze and understand external threats; 29 percent say they have the tools and resources to mitigate such threats; and 34 percent indicate that they have the tools and resources to monitor these threats.

Those are among the findings of a new survey conducted by the Ponemon Institute and sponsored by cybersecurity vendor BrandProtect. Specifically, respondents were surveyed about external cyber threats—those that arise outside an organization’s traditional firewall and security perimeter and that use online channels, with email, social media, mobile apps, or domains as their primary attack technology.


“When it comes to the actual ability of organizations to have the tools and resources necessary to monitor, analyze, and mitigate these external threats, unfortunately healthcare trailed in every category,” says Greg Mancusi-Ungaro, chief marketing officer at BrandProtect. “Although there is awareness of this issue, the security teams across the healthcare industry are indicating they’re behind the curve.”

The 591 information technology and IT security practitioners in the United States surveyed were drawn from six industries—financial services, health and pharma, industrial and manufacturing, public sector, services and retail—to determine differences in preparedness for dealing with external cyber threats.

According to the findings, the financial services industry is most prepared to monitor and reduce external threats, and is most likely to have a formal monitoring process. Examples of external threats include socially engineered attacks; executive impersonations; brand-based attacks with ransomware, malware or other payloads; rogue social domain activity; hacktivism/activism; and activities that violate compliance or regulatory requirements.

The frequency of these external attacks and their financial costs for industry are significant. Survey respondents reported that they experienced an average of 32 material cyber attacks during the past 24 months, or slightly more than one per month, costing them an average of $3.5 million annually.

“What this report calls attention to is the opportunity to actually become a harder target by paying attention to these kinds of probing-style external threats,” concludes Mancusi-Ungaro. “These attacks don’t just happen overnight. They are the result of a long process of reconnaissance, planning, investigation and external activity.”
