Comparing Vectra and Verizon Threat Research: Internal Errors in Healthcare is Very Real

Updated on June 11, 2019
Chris Morales high res copy

By Chris Morales

In our 2019 Spotlight Report on Healthcare, based on anonymized customer metadata, we identified a trend in internal user error.

Lapses in the proper implementation of a security plan or gaps in policies and procedures were a common problem, which could result in errors by staff members, leaving healthcare organizations exposed to theft or data loss.

Echoing what Vectra observed from its own healthcare customers, the Verizon 2018 Data Breach Investigations Report indicated that a key security risk for the healthcare industry is its susceptibility to internal errors and misuse. The report shows that the healthcare industry faces the highest risk from accidental or intentional insider threats than external threats.

The Verizon 2018 Data Breach Investigations Report was the latest available at the time of our research. While the Vectra Spotlight Report on Healthcare was based on 2018 anonymized customer metadata, the 2018 Verizon report was from 2017 breach disclosure research. That means there was a year of discrepancy in observed behaviors.

Since Verizon released its new 2019 Data Breach Investigation Report, I was interested in understanding what had changed in healthcare since the 2018 report. The new Verizon report covers the same period as the 2019 Vectra Spotlight Report on Healthcare. 

Unsurprisingly, not much changed in the Verizon report from 2018 to 2019. The findings for healthcare appear to be nearly identical. As I was comparing the reports, I had to continually validate if I was looking at the 2018 or 2019 data because they were so similar. I took what Verizon reported for healthcare in 2018 and 2019 and broke it down into this table to understand the variances.

Screen Shot 2019 06 11 at 10.10.37 AM

The obvious difference is the frequency of breaches, with 750 incidents reported in 2018 compared to 466 incidents reported in 2019. The decrease is a good overall trend. I’m happy to see that the total number of incidents is trending down along with the number of confirmed data disclosures.

While examining the rest of the data, I found the same patterns of miscellaneous errors along with the same threat actors, motives, and types of data compromised.

Verizon discloses the total count and percentages of the type of actions taken in incidents. When comparing those metrics from a raw-numbers view, 2019 had far less incidents as the total number of incidents across the year trended downward.

But when I compared the actions taken based on percentages, the numbers are very consistent year over year, with only a few percentage points difference between most of them.

Screen Shot 2019 06 11 at 10.11.18 AM

The takeaway by comparing research from Vectra and Verizon is that the problem of internal errors in healthcare is very real and something that impacts all of us. 

Healthcare is constantly challenged with balancing security and policy enforcement with usability and efficiency. This is because healthcare organizations struggle with managing legacy systems and medical devices that don’t always have the best security controls for many reasons.

As a result, vulnerable processes persist, and weak trust models often stay implemented. 

In the Vectra 2019 Spotlight Report on Healthcare, we recommended broader visibility into traffic and behaviors inside the network. This will help security teams remain vigilant and more confident as cutting-edge medical technologies are adopted and deployed.

Emerging medical technologies will continue to become essential to the quality and speed of healthcare delivery, attracting patients and providing the best patient outcomes.

As the transformation of healthcare through new medical technology continues to move forward, healthcare organizations must remain mindful about what technologies are in place, how they are utilized, and when unauthorized actions occur.

About the Author

Christopher Morales is the head of security analytics at Vectra,a San Jose, Calif. cybersecurity firm that detects hidden cyberattacks and helps threat hunters improve the efficiency of incident investigations.

14556571 1295515490473217 259386398988773604 o

The Editorial Team at Healthcare Business Today is made up of skilled healthcare writers and experts, led by our managing editor, Daniel Casciato, who has over 25 years of experience in healthcare writing. Since 1998, we have produced compelling and informative content for numerous publications, establishing ourselves as a trusted resource for health and wellness information. We offer readers access to fresh health, medicine, science, and technology developments and the latest in patient news, emphasizing how these developments affect our lives.