Healthcare email security needs improvement in 2017

Featured image

Share this article

anthem breached

Global Cyber Alliance (GCA) conducted a recent survey that found that healthcare email security is still very weak.

We are going to take a look at the most important findings from the survey and determine what this means for email protection and email threats.

Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to confronting cyber attacks and improving our global network security. It is a catalyst to bring partners of interest and affiliations together in an environment that sparks innovation with concrete, measurable achievements.

GCA’s mantra “Do Something. Measure It” is a direct reflection of its mission to eradicate systemic cyber risks seen in malicious email with strong email security solutions.

Most major hospitals in the U.S. are not using advanced threat protection in regards to healthcare email security appliances.

The survey found that only 6 of the 50 largest public hospitals in the U.S. are protecting their email communications from spear phishing and targeted attacks that aim to trick patients into revealing sensitive data or expose data leaks.

For-profit hospitals performed slightly better in that at least 22 of the top 48 for-profit hospitals have deployed the Domain-based Message Authentication, Reporting and Conformance (DMARC) protocol – a mechanism for defending against spear-phishing attacks – in a limited capacity.

The GCA survey findings is troubling considering recent breach reports of business emails, such as Verizon’s 2017 Data Breach Investigative Report (DBIR) that found that 15% of data breaches last year occurred in the healthcare sector.

In the report, email messages are the preferred tool of cyber-criminals.

This issue can be averted with implementations of secure email gate ways, spam filters, and email encryption.

Despite these reports, most major hospitals still lack the necessary email security protocols to protect their PHI. Verizon also mentioned that 66% of malware found on healthcare networks was delivered by email attachments.

A recent study by Agari highlights just how vulnerable the healthcare industry really is. The survey found that of those healthcare companies valued over $1 billion dollars only 15% have DMARC implemented.

You would think that at that value, compliance requirements would be mandatory.

Security software is not an area that healthcare organizations can overlook.

With cyberthreats constantly evolving in sophistication and maliciousness, healthcare organizations must implement protocols such as DMARC, SPF (Sender Policy Framework), DKIM (DomainedKeys Identified Mail), and TLS to protect their emails.

By having these threat intelligence protocols in place, there can be real-time efforts put into motion to stop persistent threats.

To begin, look into making sure your email is HIPAA compliant.

READ MORE: How to Make Gmail HIPAA Compliant

Email security products will have a trained security team to make sure you’re on your way to next layer security.

Try Paubox Email Suite for FREE today.
Author Photo

About the author

Phuong Tran

Phuong Tran is a Carnegie Mellon University-Heinz College graduate with a degree in healthcare policy and management. In his spare time he enjoys discovering new restaurants and playing basketball.

Read more by Phuong Tran

Get started with
end-to-end protection

Bolster your organization’s security with healthcare’s most trusted HIPAA compliant email solution

The #1-rated email encryption 
and security software on G2

G2 Badge: Email Encryption Leader Fall 2022
G2 Badge: Security Best Usability Fall 2022
G2 Badge: Encryption Momentum Leader Fall 2022
G2 Badge: Security Best Relationship Fall 2022
G2 Badge: Security Users Most Likely to Recommend Fall 2022
G2 Badge: Email Gateway Best Relationship Fall 2022
G2 Badge: Email Gateway Best Meets Requirements Fall 2022
G2 Badge - Users Most Likely to Recommend Summer 2022
G2 Badge: Email Gateway Best Results Fall 2022
G2 Badge: Email Gateway Best Usability Fall 2022
G2 Badge: Email Gateway Best Support Fall 2022
G2 Badge: Email Gateway Easiest To Use Fall 2022
G2 Badge: Email Gateway Easiest Setup Fall 2022
G2 Badge: Email Gateway Easiest Admin Fall 2022
G2 Badge: Email Gateway Easiest to do Business with Fall 2022
G2 Badge: Email Gateway Highest User Adoption 2022
G2 Badge: Email Gateway High Performer Fall 2022
G2 Badge: Email Gateway Momentum Leader Fall 2022
G2 Badge: Email Gateway Most Implementable Fall 2022
G2 Badge: Email Gateway Users Most Likely to Recommend Fall 2022