healthcare cyber security: threat prognosis1 fireeye (2015). "m-trends 2015: a view from the...

FireEye, Inc. 1440 McCarthy Blvd. Milpitas, CA 95035 / 408.321.6300 / 877.FIREEYE (347.3393) / [email protected] fireeye.com © 2016 FireEye, Inc. All rights reserved. FireEye is a registered trademark of FireEye, Inc. All other brands, products, or service names are or may be trademarks or service marks of their respective owners. INFO.HEALTH.EN-US.072016 LEARN MORE www.fireeye.com/solutions/healthcare.html THREAT PROGNOSIS HEALTHCARE CYBER SECURITY: Healthcare organizations suffer breaches as frequently as people catch a cold. Regulatory compliance, while necessary, is not sufficient protection against today’s cyber attacks. 100% of healthcare organizations that were victims of cyber breaches in 2014 were security compliant, with up-to-date anti-virus signatures and firewalls. 1 “GOOD ENOUGH” SECURITY NEVER IS 1 FireEye (2015). "M-Trends 2015: A View from the Front Lines." 2 Ponemon Institute (2015). "2015 Cost of a Data Breach Study: Global Analysis." 3 HIMSS News (June 30, 2015). "HIMSS Survey Finds Two-Thirds of Healthcare Organizations Experienced a Signiﬁcant Security Incident in Recent Past." 79% of surveyed companies were breached multiple times in the past 24 months. 2 40% were breached 5+ times. 2 of healthcare organizations have recently experienced a significant security incident. 3 2/3 SOLUTIONS / HEALTHCARE WHY IS HEALTHCARE UNDER ATTACK? MEDICAL AND PRESCRIPTION RECORDS (permanent data) SOCIAL SECURITY NUMBERS (hard to change) SYSTEM COMPROMISE INJURY OR DEATH DUE TO COMPROMISED MEDICAL DEVICES INSURANCE FRAUD HIPAA FINES (AS AN EXAMPLE) IDENTITY THEFT (HARD TO REPAIR) LAWSUITS, IT SYSTEM REMEDIATION, REPUTATION LOSS per connected medical device 4 $7 to $9 million maximum fine per incidence of protected health information (PHI) theft per year $1.5 million FIREEYE CAN HELP YOU BUILD A CASE FOR STRONGER CYBER SECURITY RIGHT NOW 1 2 FACTOR IN FINANCIAL COST 3 4 475-45-XXXX 341-66-XXXX $3.63 million 6 176-82-XXXX BUT STILL… EXECUTIVES WAIT of CIOs/CISOs understand the need for stronger cyber security but do not act until a trigger event occurs 6 65% 6 Ponemon Institute (2013). "The Post Breach Boom." The annual cost of data breaches for the healthcare industry is CRIMINALS MAKE HEALTHCARE PAY 4 Partnoy, Frank. Globalist.com (July 21, 2012). "The Cost of a Human Life, Statistically Speaking. 5 Munroe, Dan. Forbes.com (Dec. 31, 2015). "Data Breaches in Healthcare Totaled Over 112 Million Records in 2015." $6 billion 2 The 10 largest healthcare cyber attacks of 2015 affected 111,022,154 records, 5 valued at up to $154 per record breached! 2 It’s easy to see how compromised systems and data loss lead directly to financial losses. FACTOR IN FINANCIAL GAINS FACTOR IN COST ASSUMPTIONS DISCOVER YOUR BREAK-EVEN POINT Healthcare includes providers, medical insurers and pharmaceutical and other life sciences organizations. Their records have a higher black market value than credit cards. Specifically, medical and prescription records and Social Security numbers have a long shelf life for identity theft and insurance fraud.

Upload: others

Post on 08-Jun-2020

3 views

Category:

Documents

0 download

Report

Download

Embed Size (px):

TRANSCRIPT

Page 1: HEALTHCARE CYBER SECURITY: THREAT PROGNOSIS1 FireEye (2015). "M-Trends 2015: A View from the Front Lines." 2 Ponemon Institute (2015). "2015 Cost of a Data Breach Study: Global Analysis."

FireEye, Inc.1440 McCarthy Blvd. Milpitas, CA 95035 / 408.321.6300 / 877.FIREEYE (347.3393) / [email protected]

fireeye.com

© 2016 FireEye, Inc. All rights reserved. FireEye is a registered trademark of FireEye, Inc. All other brands, products, or service names are or may be trademarks or service marks of their respective owners. INFO.HEALTH.EN-US.072016

LEARN MORE www.fireeye.com/solutions/healthcare.html

THREAT PROGNOSISHEALTHCARE CYBER SECURITY:

Healthcare organizations suffer breaches as frequently as people catch a cold. Regulatory compliance, while necessary, is not sufficient protection against today’s cyber attacks. 100% of healthcare organizations that were victims of cyber breaches in 2014 were security compliant, with up-to-date anti-virus signatures and firewalls.1

“GOOD ENOUGH” SECURITY NEVER IS

1 FireEye (2015). "M-Trends 2015: A View from the Front Lines." 2 Ponemon Institute (2015). "2015 Cost of a Data Breach Study:

Global Analysis." 3 HIMSS News (June 30, 2015). "HIMSS Survey Finds Two-Thirds of

Healthcare Organizations Experienced a Significant Security Incident in Recent Past."

79%of surveyed companies were breached multiple times in the past 24 months.2

40%were breached 5+ times.2

of healthcare organizations have recently experienced a significant security incident.3

2/3

SOLUTIONS / HEALTHCARE

WHY IS HEALTHCARE UNDER ATTACK?

MEDICAL AND PRESCRIPTION RECORDS (permanent data)

SOCIAL SECURITY NUMBERS (hard to change)

SYSTEM COMPROMISE

INJURY OR DEATH DUE TO COMPROMISED MEDICAL DEVICES

INSURANCE FRAUD

HIPAA FINES (AS AN EXAMPLE)

IDENTITY THEFT (HARD TO REPAIR)

LAWSUITS, IT SYSTEM REMEDIATION, REPUTATION LOSS

per connected medical device4

$7 to $9 million

maximum fine per incidence of protected health information (PHI) theft per year

$1.5 million

FIREEYE CAN HELP YOU BUILD A CASE FOR STRONGER CYBER SECURITY RIGHT NOW

1 2

FACTOR IN FINANCIAL COST

475-45-XXXX341-66-XXXX

$3.63 million6

176-82-XXXX

BUT STILL… EXECUTIVES WAIT

of CIOs/CISOs understand the need for stronger cyber security but do not act until a trigger event occurs6

65%6 Ponemon Institute (2013). "The Post Breach Boom."

The annual cost of data breaches for the healthcare industry is

CRIMINALS MAKE HEALTHCARE PAY

4 Partnoy, Frank. Globalist.com (July 21, 2012). "The Cost of a Human Life, Statistically Speaking.5 Munroe, Dan. Forbes.com (Dec. 31, 2015). "Data Breaches in Healthcare Totaled Over 112 Million Records in 2015."

$6 billion2

The 10 largest healthcare cyber attacks of 2015 affected 111,022,154 records,5 valued at up to $154 per record breached!2 It’s easy to see how compromised systems and data loss lead directly to financial losses.

FACTOR IN FINANCIAL GAINS

FACTOR IN COST ASSUMPTIONS

DISCOVER YOUR BREAK-EVEN POINT

Healthcare includes providers, medical insurers and pharmaceutical and other life sciences organizations. Their records have a higher black market value than credit cards. Specifically, medical and prescription records and Social Security numbers have a long shelf life for identity theft and insurance fraud.

mailto:info%40fireeye.com%20

https://www.fireeye.com

https://www.fireeye.com/solutions/healthcare.html

FIREEYE NETWORK SECURITY

FireEye Webinar 11. November 2015 - Home | AVANTEC Documents... · FireEye Webinar 11. ... QUESTIONS? Thomas Cueni [email protected]. Title: Microsoft PowerPoint - FireEye

Data Security in the Evolving Payments Ecosystem · Ponemon Institute© Research Report Page 1 Data Security in the Evolving Payments Ecosystem Ponemon Institute, April 2015 Part

Marketo - By 2015, FireEye’s reporting requirements had€¦ · FireEye Drives Marketing ROI with Marketo Revenue Analytics FireEye executes thousands of marketing campaigns each

Imperva SecureSphere and FireEye Malware Protection System … · 2016. 1. 22. · IMPV-SB-FireEye-0116-v1 FireEye Malware Protection System enables organizations to: • Protects

IntSights for FireEye Integration Benefits External Threat … · 2020-06-07 · IntSights for FireEye External Threat Protection and Enterprise Security IntSights and FireEye deliver

Threat hunting and incident response with FireEye - …...Agenda •About CS Computer Systems •Security Timeline •Threat Hunting and Incident Response •FireEye technology •FireEye

FireEye Advanced Threat Report

2014: A Year of Mega Breaches - Ponemon Institute The...2014: A Year of Mega Breaches Ponemon Institute, January 2015 Part 1. Introduction ... 2015 is predicted to be as bad or worse