3 Interconnected Cyber Risks Leaving Health Care Systems Vulnerable to Added Liability
White Paper Summary
It seems that not a day goes by without the announcement of a ransomware attack. Some events, like the shutdown of the Colonial Pipeline earlier this year, make headlines, reminding the public of how serious a threat ransomware can be.
Oftentimes, events will go under the radar. But this doesn’t mean they are any less severe; the average ransomware attack can cost millions of dollars. Bad actors are constantly looking for vulnerable facilities to gain access to critical information and wreak havoc on the company.
More than a third of health care organizations were hit by a ransomware attack in 2020, and of those, 65% said cyber criminals were successful in encrypting their data, a report from cyber security company Sophos found. For medical facilities, however, a ransomware or any cyber event can be much more costly, because patients’ lives are at stake, making this more than just a cyber risk.
“The hospitals, medical facilities and their physicians have sensitive patient information on their systems,” said Monica DiCesare, chief underwriting officer at IronHealth. “That information is critical to protect, because it’s critical to ensure patient safety.”
Ransomware then becomes a safety concern for such institutions, making medical facilities that much more attractive for hackers. Hospitals are more likely to pay a ransom, with 34% of respondents in the Sophos report saying they paid to get back their encrypted data.
When cyber events bleed over into the safety realm, institutions will be left vulnerable to medical malpractice claims and other serious threats. Here’s a look at three ways a cyber event at a hospital can trigger other policies and what these facilities can do to mitigate the risk.
To learn more about Liberty Mutual Insurance, please visit their website.