Healthcare organizations were under attack more than ever by cybercriminals in 2022, overtaking finance as the most breached industry, according to the latest analysis from Kroll.
Healthcare accounted for 22 percent of the breaches analyzed in the newest update to Kroll’s “Data Breach Outlook,” compared to 16 percent in 2021. Finance fell to No. 2 on the list, accounting for 19 percent of breaches.
Since the Covid-19 pandemic, the healthcare industry has become particularly vulnerable to data breaches and increased frequency of cyberattacks. The study, however, noted the industry being most breached might not equate to the most concerned consumers. While healthcare suffered the largest proportion of incidents, the number of incoming calls related to breaches and consumers taking up identity protection were less than in the finance industry, according to the analysis.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Trial Membership
First week free, then $499 for an annual Membership
Cancel anytime within the trial period.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
About 83 percent of data breaches are perpetrated by external bad actors and not employees, with 70 percent of those breaches linked to organized crime groups with financial motives, according to the latest research.
Experts share perspectives regarding the criticality of cybersecurity risks, what the response of management and boards should be, and how proposed disclosure requirements need to be incorporated into cyber-related responsibilities.
Principal Associate Deputy Attorney General Marshall Miller called the conviction of a former Uber Technologies chief security officer on obstruction charges an “outlier” that should not discourage compliance officers from self-reporting violations.
Companies that think paying reduced ransomware demands would be a better move than informing regulators of a data breach and facing enforcement are playing with fire, according to experts.
Businesses can prepare for the Securities and Exchange Commission’s upcoming cybersecurity disclosure rule by going through it and identifying key gaps in compliance.
Data security and compliance are not one and the same but have enough overlap that organizations can take steps when building a data security program to move closer to achieving compliance.
