Cybersecurity Is Undervalued. But That Might Change Soon.

Across the globe, companies spent a combined $114 billion on cybersecurity last year, an amount that’s expected to climb to $140 billion by 2021, according to a new report from the analytics research firm GlobalData.

But the business world has yet to embrace cybersecurity as a core competency despite it being a “business-critical function” that affects branding, product quality, revenues, and more, according to the report. The analysis, “Cybersecurity,” also found that while as many as two-thirds of US companies have hired a chief information security officer, they typically don’t report to the CEO, amplifying the risk of a data breach, a dangeorus arrangement that must change if these employees are to be effective.

>> LISTEN: A New Kind of Warfare

“The frequency of cyberattacks is only likely to accelerate over the coming years, therefore it is vital that senior executives have a full understanding of the inherent risks and implications,” said Cyrus Mewawalla, GlobalData’s head of thematic research, said in a statement. “The losers will be those companies whose boards do not take cybersecurity seriously, as they run a higher risk of being hacked.”

Although the report didn’t zero in on healthcare, many similar analyses have. Time after time, researchers have found that the industry is uniquely vulnerable to cyberthreats. A McAfee Labs report last fall concluded that healthcare suffered more disclosed cyberattacks than any other industry in the second quarter of 2017. This past winter, a honeypot set up by a security firm illustrated the problem: Two fake medical practice websites drew more than 19,000 hacks over three months. All signs point to a rise in cybersecurity vulnerabilities, which is compounded by healthcare’s failed efforts to refine its defenses, another report found.

And the threats come from several sources. As the adoption of electronic health record systems has soared, printing has somehow increased, intensifying security risks, experts have said. Earlier this year, Verizon’s analysts found that paper is healthcare’s greatest privacy threat—alongside the industry’s own employees. Perhaps most jarring, foreign countries are focusing more on cyberwarfare, a trend that has badly damaged healthcare.

As companies come to value cybersecurity and increase related spending, they may rely more on machine learning, behavioral analytics, unified threat management, and any number of other maturing technologies, the GlobalData analysis found. Further, organizations will use high-tech tools less often to prevent attacks and more to detect threats in real time, freeing up limited resources to pursue the most pressing problems.

Get the best insights in healthcare analytics directly to your inbox.

Related

WannaCry, NotPetya, and Cyberwarfare’s Threat to Healthcare

5 Data Breaches That Show How Cybersecurity Must Evolve

What to Do Before and After a Data Breach