Bitsight® has released its Third Annual Bitsight Insights Industry Benchmark Report. Per the introduction to the report:
BitSight analyzed the security performance of six key industry sectors: Finance, Federal Government, Retail, Energy/Utilities, Healthcare and Education. These industries hold diverse types of data that are sensitive and valuable – especially to attackers.
For the who, what, how and why of health care cyber attacks in 2015, read about the SurfWatch Labs 2015 Mid-Year Report: http://wp.me/p4bsis-1kt
So how did the health care industry fare? This includes both providers and health plans.
- Good News: The healthcare sector was not the worst performing industry.
Education was the lowest performing industry, the sector most vulnerable to security risks. Health care took second place as the second most vulnerable.
- Not So Good News: Health care's progress on reducing security vulnerabilities is stagnant.
In last year’s study, health care scored 630. This year, health care scored 634. The highest performing industry, the one least exposed to security vulnerabilities, was Finance, with a score of 716.
- The Bad News: Health care is susceptible to the FREAK and POODLE bugs.
A major focus of the report was on SSL vulnerabilities. Health care shows very low vulnerability to the Heartbleed bug, but high vulnerability to the FREAK bug and very high vulnerability to the POODLE bug.
Read the HiTech Terms to learn what POODLE bugs and SSL attacks are: http://wp.me/p4bsis-1lu
To combat the vulnerabilities, it is suggested that providers and health plans:
- Update their website from SSL to TLS encryption.
- Keep their browsers [Chrome, Firefox, etc.] up to date.
- Avoid using public WiFi.
- Refuse to electronically communicate with outdated software.
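To make the first and last suggestions checkable, here is an added example (not from the report or the original post) that audits protocol and cipher scan results for the SSL, POODLE and FREAK exposures discussed above. The hostnames, scan data, finding labels and function names are constructed for illustration; cipher names follow OpenSSL's naming.

```python
# Added example: audit TLS scan results for the issues named in the report.
# Hostnames and scan data below are constructed for illustration.
LEGACY_SSL = {"SSLv2", "SSLv3"}

def is_rsa_export(cipher):
    """Export suites start with EXP in OpenSSL naming; FREAK concerns the
    RSA key-exchange ones, so (EC)DH export variants are skipped."""
    return cipher.startswith("EXP") and "DH" not in cipher

def audit(scan):
    """Return a sorted list of findings for one host's scan result."""
    findings = set()
    protocols = set(scan["protocols"])
    if protocols & LEGACY_SSL:
        findings.add("legacy-ssl-enabled")
    # POODLE targets CBC suites under SSLv3. The only non-CBC choice in
    # SSLv3 is RC4, which is also weak, so any SSLv3 support is reported.
    if "SSLv3" in protocols:
        findings.add("poodle-exposed")
    if any(is_rsa_export(c) for c in scan["ciphers"]):
        findings.add("freak-exposed")
    if not any(p.startswith("TLSv1.") for p in protocols):
        findings.add("no-tls")
    return sorted(findings)

SCANS = {
    "portal.example.org": {
        "protocols": ["SSLv3", "TLSv1.0"],
        "ciphers": ["AES128-SHA", "EXP-RC4-MD5"],
    },
    "claims.example.org": {
        "protocols": ["TLSv1.2"],
        "ciphers": ["ECDHE-RSA-AES128-GCM-SHA256"],
    },
    "legacy.example.org": {
        "protocols": ["SSLv3"],
        "ciphers": ["DES-CBC3-SHA", "EXP-EDH-RSA-DES-CBC-SHA"],
    },
}

def report(scans):
    """Map each host to its findings; an empty list means none were found."""
    return {host: audit(scan) for host, scan in scans.items()}

if __name__ == "__main__":
    for host, findings in report(SCANS).items():
        print(host, findings or "ok")
```

A host with an empty findings list offers only TLS and no RSA export suites; it can still be affected by implementation bugs such as Heartbleed, which a protocol and cipher listing does not reveal.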