Report: Attacks ‘Cascade’ From IT, OT to Patient Care www.databreachtoday.com/report-at…
Of the millions of threats detected in healthcare IT environments last year, email phishing, identity failures and device vulnerabilities were among the dominant vectors for non-clinical IT compromises - often “cascading” into patient care workflows and causing nearly $2 million a day in losses, said a new report from security firm Trellix.
Of 54.7 million threats detected by Trellix last year across its healthcare customers worldwide, 75% originated at U.S.-based organizations, with email incidents - including phishing - accounting for at least 85% of the detections, Trellix said.
The Milpitas, California-based security firm did not respond to Information Security Media Group’s request for the percentage of the company’s healthcare clients that are based in the United States.
“The most pressing weaknesses are email and identity failures, legacy medical and OT systems, and a lack of visibility into lateral movement and data exfiltration,” said Anne An, principal threat intelligence analyst at Trellix.
