Health IT Security published an article describing the cost of data breaches in the industry. To hear about TMG’s thoughts on cybersecurity, please contact our Vice President, Deborah Page.
According to IBM Security’s 2023 report, the average cost of data breaches in the healthcare industry rose by $1M from 2021 to$11M. This average cost is higher than in any other industry because healthcare is considered critical infrastructure and there are a large number of regulations governing health information.
The cost of a data breach can be calculated by accounting for detection isolation, notification, post-breach response, and lost business costs. Critical infrastructures faced average breach costs $1.26M higher than non-critical industries and the US had the highest cost among all other countries.
The report found that a shorter timeframe between detection and containment, the “breach cycle,” decreased the costliness of the breach. Other mitigating factors included incident response planning & testing, employee training, and high usage of a DevSecOps approach.
Nearly a quarter of the attacks analyzed involved ransomware. The inclusion of law enforcement was a major factor in decreasing costs for organizations in ransomware attacks. Organizations could also utilize automated response playbooks and workflows prepared to mitigate the effect of ransomware attacks.
In summary, the industry has proven to be slow to adapt, with only 51% of organizations reporting an increased investment in security following a breach.
