Findings detail an increase in cybersecurity threats throughout first half of 2021; offers actionable guidance for combatting malicious activity, while building awareness of healthcare’s cybersecurity landscape
FRANKLIN, Tenn., – July 13, 2021 – Fortified Health Security, Healthcare’s Cybersecurity Partner®, today released the 2021 Mid-Year Horizon Report. The report details findings that illustrate how healthcare providers, health plans and business associates are being affected by cybersecurity threats from bad actors in the first half of 2021 and what security measures healthcare organizations should implement to combat these high-profile threats.
The report leverages a comprehensive cross-section of information, expertise and statistical analysis to highlight industry-wide trends, insights and predictions. Horizon Reports have been published by Fortified Health Security since 2017 and are designed to help healthcare stakeholders navigate the exceedingly complex cybersecurity landscape by sharing best practices and actionable guidance.
Significant findings from the 2021 Mid-Year Horizon Report include:
- The number of breaches reported to the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) in the first six months of 2021 increased by 27% over the same period in 2020.
- The total number of affected individuals skyrocketed more than 185%, from 8 million individuals in the first six months of 2020 to 22.8 million affected individuals in the first six months of 2021.
- Healthcare providers continue to account for the most breaches, 73% of the total, with health plans accounting for 16% and business associates 11%.
- Malicious attacks were the No. 1 cause of breaches for the fifth consecutive year, and for three years running, malicious attacks accounted for 73% of all breaches.
“Now as the healthcare industry gets some breathing room from the pandemic, another one is surging –cyber attacks,” said Dan L. Dodson, CEO of Fortified Health Security. “The attacks on our nation’s critical infrastructures which includes our hospital systems, has resulted in government agencies showing a renewed focus on cybersecurity. This has helped move cybersecurity to the forefront of many boardroom discussions. We, as healthcare leaders, must seize this opportunity to educate and inform stakeholders on the current cybersecurity threat landscape and the actions needed to combat these attacks.”
The pandemic forced many healthcare organizations, along with other industry segments, to establish remote work environments for non-patient-facing workers, leading employees to transform bedrooms and kitchens into home-office spaces. As a result, the prevalence of a remote workforce expanded the attack surface that cybersecurity teams in virtually all industries had to protect, as private records and data moved outside their facilities. According to the report:
- SolarWinds alone potentially affected 18,000 companies, including 400 of the Fortune 500 and the U.S. Department of Homeland Security.
- Blackbaud’s breach affected an estimated 100 organizations, hitting healthcare particularly hard, resulting in nearly two dozen lawsuits.
- Cybercrime is expected to inflict $6 trillion in global damages this year, a figure predicted to climb to $10.5 trillion by 2025.
- More than nine in ten U.S. companies have suffered a breach in the past year due to a supply chain weakness.
Earlier this year, Fortified Health Security released the 2021 Horizon Report – detailing findings that illustrate how, as healthcare organizations continue to respond to the pandemic, cybercriminals have continued to persist in their attacks on providers, health plans and business associates compromising sensitive patient data, while impacting the delivery of care to patients.
Fortified Health Security’s 2021 Mid-Year Horizon Report builds on that guidance, while aiming to predict the short-term future of cybersecurity in healthcare. The full report is available for download here.
About Fortified Health Security
Fortified is Healthcare’s Cybersecurity Partner® – protecting patient data and reducing risk throughout the healthcare ecosystem. As a managed security service provider, Fortified works alongside healthcare organizations to build tailored programs designed to leverage their prior security investments and current processes while implementing new solutions intended to reduce risk and increase their security posture over time. Fortified’s high-touch engagements and customized recommendations maximize the value of investments and result in actionable information to help reduce the risk of cyber events.