Healthcare: only a third feel they are well protected 


Only a third of German healthcare companies have invested in preventive cyber defense. Kaspersky study: three quarters of healthcare organizations experienced a cyber attack during the pandemic. 63.3 percent consider their IT cybersecurity budget to be sufficient, but more than half lack tools and know-how.

The German healthcare system seems to have some catching up to do in terms of measures against cyber attacks. Only 34.7 percent of healthcare IT decision-makers in Germany believe they have enough tools and know-how to fight cyber threats preventively. Nevertheless, 63.3 percent are of the opinion that their budget for IT security is sufficient for the requirements of the next two years. This emerges from the Kaspersky study “Patient Hospitals: on the IT security situation in the healthcare system in Germany, Austria and Switzerland”.

Study on the security situation in the health sector

According to the Federal Ministry of Health (BMG), “promoting digitization is the key requirement for the successful further development of our healthcare system”. However, the growing use of – sometimes complex – IT systems also reveals the technological weaknesses in the healthcare system. Especially in times of increased digitization initiatives, clinics, laboratories, research institutions and medical centers must ensure the IT security of their infrastructure and take appropriate and sustainable measures accordingly.

The healthcare system currently faces an acute threat and many cyber attacks. Over a quarter (26 percent) of the organizations surveyed by Kaspersky in Germany experienced more attacks on their IT infrastructure during the pandemic. Spear phishing (43.5 percent) in particular represents a risk as a gateway. Employees who have insufficient knowledge of digital security or who knowingly ignore security regulations are also a risk, according to 30 percent of the IT decision-makers surveyed in Germany. The concern that patient data is at risk is shared by more than a quarter (28 percent) of all survey participants.

28 percent see patient data at risk

“It is particularly important for companies working in the healthcare sector to take preventive measures to protect against cyber attacks, because the damage that can be caused by cyber attacks often goes beyond the financial aspect and, in the worst case, can endanger lives”, says Christian Milde, General Manager Central Europe at Kaspersky. “In addition, according to our study, almost three quarters (72 percent) of German companies in the healthcare sector experienced at least one cyber attack during the pandemic. This shows how important powerful and proactive cyber protection is for the sometimes very vulnerable systems in hospitals, care facilities or other organizations in the healthcare sector. Decision-makers must now take action and preventively protect their systems from malware and cyber attacks.”

Companies need to be proactive

"If IT security is endangered, this can have devastating consequences and even lead to serious existential worries in our company", according to the statement of a survey participant from the field of 'prevention, health promotion as well as health and nursing care'.

But what can companies proactively do to be armed against state-of-the-art cyber attacks? The IT security expert Kaspersky recommends the most important measures that go beyond standard protection (conventional IT security solutions, regular updates and patches) and shows how widely each measure is currently adopted in Germany.

Recommended measures and status quo in Germany

  • Set up a business continuity plan or a disaster recovery plan for emergencies, and regularly check that it is useful and that its mechanisms work. 67.3 percent of the IT decision-makers in the healthcare sector surveyed in Germany have such plans for emergencies. The experts at Kaspersky ICS CERT help with a basic assessment and support you with the individual conception of an emergency plan.
  • Companies should have a dedicated budget for IT security. However, only just under two thirds (63.3 percent) of those surveyed are of the opinion that their IT security budget is sufficient for future requirements.
  • Protect cloud software and activities using special security tools or services: According to a Kaspersky study, not even half (46.7 percent) of companies in the healthcare sector in Germany do this. A central security solution such as Kaspersky Endpoint Security Cloud covers the entire IT security needs of medium-sized companies.
  • Seek support from external security experts and use threat intelligence, for example through an external Cyber Security Operations Center (SOC). Such managed detection and response services [5] are not only of interest to large companies, but also to medium-sized companies. Only a third (37.3 percent) have made use of such expertise and only one in five companies (20.7 percent) from the German healthcare sector has so far relied on its own SOC.
  • Evaluate existing security solutions and / or look for a (new) solution. After all, just under a third (32 percent) of healthcare companies in Germany are currently thinking about this.
  • Carry out network segmentation, i.e. separate critical systems (such as X-ray machines, computed tomography, etc.) from the office IT infrastructure: This important security measure to protect against the loss of patient data, for example, is implemented in Germany by just 28.7 percent.
  • Use Security Information and Event Management (SIEM). 27.3 percent of those surveyed in Germany already have an SIEM.
  • Employee training is critical to cybersecurity as human error due to lack of knowledge and awareness is the number one cause of cyber incidents. In Germany, only 26.7 percent of companies in the health sector carry out cross-departmental cybersecurity training for all employees.

"With 58.7 percent, more than half of the IT decision-makers in the German healthcare system classify their own threat situation as 'high'," adds Christian Milde. "76.7 percent of the survey participants therefore also want to work with a trustworthy external IT security partner to strengthen their own cyber security measures. We support organizations with their internal security concept, for example with our global threat intelligence network, which provides detailed insights into current cyber threats. Kaspersky Threat Intelligence [7] provides the latest and most reliable information on the latest malware and botnet threats through the collaboration of world-leading teams of researchers and analysts. This helps companies to optimize their own security controls and be able to react to potential threats in a timely manner."

More at Kaspersky.com

 


About Kaspersky

Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250,000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/


 
