55% of medical cyber attacks were caused by phishing

A survey has revealed that 83% of US physicians have experienced some kind of cybersecurity attack, with phishing being the main cause (55%). The survey conducted by Accenture and the American Medical Association (AMA) questioned 1,300 physicians. The findings ‘underscore the recognition that it is not “if” but “when” a cyberattack will occur.’

Key findings:

  • 55% are worried about future cyber attacks
  • 53% are concerned about patient safety in future attacks
  • 64% of physicians who have experienced a cyber attack suffered up to four hours’ downtime
  • The areas of most concern are interruption to the business and compromised patient data (both 74%), and patient safety concerns (53%)

A report from Mimecast and HIMSS Analytics supported these findings as they revealed the most likely source of a data breach to be email. While email is viewed as a major risk source to organizations, it is also a primary communications channel. Over 9 in 10 people surveyed identified it as “critical” to their organization. 43% then went on to say that email downtime could not be tolerated.

Preventing malware and/or ransomware attacks was identified as a top priority within organizations for the coming year. Training employees to be diligent when it comes to cybersecurity was the second highest priority.

The number of data breaches within the healthcare sector is increasing, possibly because of the volume of personal data that this sector holds. With phishing attacks on the increase, in volume, sophistication and severity, particularly in the healthcare sector, this highlights the importance of training staff.

How can you raise staff awareness?

All businesses, no matter how small, need to train their staff on cyber risks, and the training needs to be consistent. It doesn’t have to be expensive, and educating employees via a staff awareness program is often a preferred option.

Staff awareness programs are relatively easy to implement and include tools such as e-learning courses, training aids such as card games that encourage staff to reflect and get involved with discussions, and customized books and guides.

Our Phishing and Ransomware – Human patch e-learning course provides employees with an introduction to phishing and ransomware, and what they need to be aware of to help prevent attacks. By educating your staff, you can significantly reduce the risk of your organization falling victim to an attack.

Preview the course here >>