Healthcare Organizations, Like Many Other Organizations, Are Too Confident in Cybersecurity
Healthcare organizations (HCOs) tend to be overconfident when it comes to their cybersecurity posture, a new LexisNexis report found. Even though the majority of HCOs are very confident in their cybersecurity programs, many organizations have not implemented certain best practices in order to protect their data and systems.
The vast majority (93%) of HCOs protect patient portals by means of username and password authentication. However, multi-factor authentication is used by less than two-thirds (65%) of organizations, even though “this is considered a baseline recommendation by key cybersecurity guidelines,” Erin Benson of LexisNexis explains.
This issue of overconfidence in cybersecurity is seen across many industries. The bad news is that this significantly increases risk to the business.
There are economical ways to mitigate risks before a breach. After a breach expense goes way up. So, organizations that take preventive action to reduce risk can save both money and management attention. But it is very hard for organizations to take preventive action if they are over confident.
There are ways to break this cycle, most of which start with executive level awareness campaigns. After awareness, leadership can do things like arrange for independent assessments of security posture to ensure appropriate steps are being taken.
When it is time for an assessment like that, contact OODA.