According to a new report from the Ponemon Institute, the cost and frequency of cyber attacks is on the rise — and one industry, in particular, is getting hit especially hard. Healthcare institutions are expected to lose $1.3 billion to cyber attacks in 2017 alone, and with some of the top hospitals in the country located here in Boston, that brings the threat and potential economic impact of cyber attacks even closer to home.
For the report, which was sponsored by the Boston-based cybersecurity company I co-founded, Barkly, the Ponemon Institute surveyed 665 IT security professionals responsible for managing and reducing their organization’s security risk. Responses revealed just one successful cyber attack was responsible for costing organizations over $5 million on average, or roughly $300 per employee.
Loss of IT and end-user productivity was listed as the most costly consequence of successful endpoint attacks, with system downtime and theft of informational assets following closely behind.
Over half the respondents reported that they had suffered one or more successful attacks that compromised their data or IT infrastructure during the past 12 months. Three-quarters of those successful attacks utilized fileless techniques that helped them bypass traditional security solutions.
Not coincidentally, trust in traditional security products appears to have eroded. According to the report, less than a third of respondents believe their antivirus (AV) can stop the threats they are seeing. Four out of five organizations took action on that concern and replaced or supplemented their AV in 2017.
Ransomware also continues to be a top threat to organizations in all industries. More than half of the respondents experienced at least one ransomware incident. Of those, 40 percent experienced multiple infections.
Addressing these threats is understandably proving to be a challenge. Nearly three out of four respondents (73 percent) say it has become more difficult for their organization to effectively manage risk to their endpoints. Only a third of respondents indicate they have adequate resources to do so. With the average cost of successful attacks totaling over $5 million, however, failing to address security gaps or simply waiting to react to them after infections have taken place is simply untenable.
Based on this research, healthcare institutions and organizations in any industry can clearly benefit from endpoint security solutions designed to block new threats like fileless attacks, which are responsible for the majority of today’s endpoint compromises. To restore their faith in endpoint security’s effectiveness, new solutions need to address this crucial gap in protection without adding unnecessary complexity to endpoint management.