The recently released 2023 IBM Security Cost of a Data Breach Report highlights that cyberattacks against the Health Care Sector continue to increase, leading the list of most expensive remediations for the 13th year in a row. Since 2020, the cost of remediation after an attack on health care data increased a staggering 53.3 percent with an average cost of $10.93 million, more than double all sectors but one, the Financial Sector, which decreased from last year while health care increased. See the figure below from the report. Health care accounts for only one percent of the attacks but remains the costliest. These costs continue to bring great impacts to the Health Care Sector as a hospital in Illinois closed in June 2023 after suffering from a cyberattack. However, these events need not happen.
Mitigation Strategies
In response to this threat, all organizations should consider the following mitigation steps:
- Switching to biometric or two-factor access for all systems and access to data.
- Review of internal policies and service level agreements with cloud storage providers for security responsibilities and encryption of data and HIPAA compliance.
- Rigorous tabletop exercises to stress the existing policies and procedures for when an attack occurs to identify areas needing attention and action.
Baker Donelson can assist in reviewing your data mapping and protection considerations, creation of security programming, disaster recovery and incident response, and further ensuring that your policies and procedures reflect the correct operating stance to protect your information and devices, as well as implementation. For any questions about how a cyberattack might affect your business or your clients, or how you can better prepare for these types of threats, please contact Dr. Michael Klipstein, CISM, CISSP, or any member of the Baker Donelson Data Protection, Privacy, and Cybersecurity Team.