The three most critical and common high-security cyber risks facing healthcare delivery organizations and their partners have been uncovered in an analysis by the Clearwater CyberIntelligence Institute (CCI).
At the top of the patient data breach vulnerability list is user authentication deficiencies, followed by endpoint leakage and excessive user permissions, the CCI analysis revealed. Together, the top three areas of vulnerability account for nearly 37 percent of all critical risk scenarios.
“Hospital executives should direct their immediate attention to these three top vulnerabilities and consider action to reduce their organization’s risk profile,” said Clearwater’s Jon Stone, who leads CCI and serves as senior vice president for Product Innovation. “It is critically important that hospitals and health systems evaluate their organization’s information systems to determine their specific risk ratings on these three critical vulnerabilities and take the necessary steps to close any gaps.”
For context, user authentication deficiencies are weaknesses in the process used by an organization to uniquely identify and verify a user. Examples of deficiencies include such things as use of generic User IDs and/or passwords, posting user passwords on monitors or under keyboards, and emailing user credentials unencrypted over external networks. Some of the most common technology associated with these gaps include servers and SaaS (Software-as-a-Service) solutions.