Wed, Apr 17, 2024

The State of Cyber Defense: Diagnosing Cyber Threats in Healthcare

The State of Cyber Defense healthcare edition provides a holistic overview of the healthcare sector including insights from threat intelligence, data breach statistics, offensive security considerations and insight into the maturity of healthcare organizations’ cybersecurity programs.

The State of Cyber Defense: Diagnosing Cyber Threats in Healthcare maps out the cybersecurity threat landscape the healthcare sector currently operates in, looking at three key areas: 

  • Detection and Response: The cyber maturity of healthcare organizations’ detection and response capabilities, using data analyzed from 1,000 global cybersecurity programs.
  • Cyber Threat Intelligence: Using Kroll’s frontline threat intelligence from over 3,000 incidents a year, this report details the threats the healthcare sector is facing, and how threat actors are infiltrating their networks.
  • Offensive Security (OffSec): Kroll experts detail the key considerations for the healthcare sector based on pen testing their networks, including how hackers are able to find vulnerabilities and what the industry can do to protect itself.

Key Highlights Include

  • Healthcare is the most likely industry to self-report as having very mature security.
  • Healthcare organizations are 65% less likely to outsource their cybersecurity services than other sectors due to the dynamic nature of these work environments. 
  • Healthcare cybersecurity professionals believe credential access is their number one concern – more than ransomware, BEC and phishing. 
  • Kroll Threat Intelligence finds that the industry is consistently targeted by ransomware groups using a combination of theft of valid credentials and exploitation of vulnerabilities.
  • The healthcare industry is one of the most breached industries, ranking first in 2022 and second in 2023 in Kroll data. 

The Healthcare Sector is Underprepared

Perceived Cyber Maturity Overall, vs. Healthcare

Kroll discovered in the State of Cyber Defense: Detection and Response Maturity Model that there is a worrying disconnect in how mature organizations believe they are, and how mature they are in reality.

This self-diagnosis gap, between confidence in security and real-world security capabilities, is heightened in healthcare organizations. It can lead to inadequate security solution provisioning and inaccurate risk assessments, and the impact of an attack can have far-reaching consequences.

Nearly 50% of healthcare respondents rated their overall cybersecurity as ‘very mature’, more than any other sector and 16 percentage points higher than the survey average.

Those in the healthcare sector are also among the most likely to believe that absolutely zero improvements are needed to their security.

Healthcare Organizations Need More Mature Capabilities

Threat and Detection Response Capabilities Used by Healthcare
When looking at threat detection and response capabilities, the healthcare industry is more likely to employ the more basic, or immature, processes. Indeed, many only employ the most basic security capabilities such as cybersecurity monitoring, and none of the healthcare organizations surveyed had all threat and detection capabilities in place.

The Biggest Concerns for the Healthcare Industry

Threat Types of Most Concern

Healthcare organizations appear to be far more concerned by credential access threats than any other industry. Credential access was cited as the most concerning threat type by only 16% of all 1,000 respondents, making it the least concerning threat across all sectors. However, it was chosen by more than a quarter (26%) of healthcare professionals – more than ransomware, zero-day attacks and supply chain compromise.

The Threats the Healthcare Industry Faces

Kroll’s Cyber Threat Intelligence team has seen the healthcare industry consistently targeted by ransomware groups using a combination of theft of valid credentials and exploitation of vulnerabilities.

Most Common Threat Incident Type Targeting the Healthcare Industry in 2023

Most Common Initial Access Method for the Healthcare Industry in 2023

The Healthcare Sector is a Consistently Popular Target

Most Breached Industries in 2022 and 2023

Kroll’s last two Data Breach Outlook reports clearly demonstrate the vulnerability of the sector. Not only does it hold sensitive data which may be at risk of poor handling, but threat actors with malicious intent may also be tempted to target and expose such data to cause disruption.

Is Outsourcing the Answer?

Cybersecurity Services Securing Model

Healthcare organizations are 65% less likely to fully outsource their cybersecurity services than the average organization (17% vs 28%). They are also more likely to do everything in-house.

However, this trend may be starting to shift. 62% of all the healthcare respondents that currently manage all their cybersecurity services in-house confirmed that they have plans to outsource in the next 12 months.

Much, Much More In the Report


The full report also covers: 

  • How to overcome challenges stemming from discrepancies between perceived and actual maturity 
  • Further insights into the cyber maturity of healthcare organizations 
  • What the healthcare sector needs to prioritize in its cybersecurity strategy 
  • The levels of engagement within the industry post data breach
  • Key considerations learnt from Kroll’s cyber penetration experts
  • How regulation and legacy systems are affecting the healthcare industry’s ability to protect itself 
  • How organizations can begin to progress their detection and response maturity

For access to the full results, complete the form to download the report. 

