Security News

Lack of Threat Intelligence Tools Weaken Health Data Security

A survey found that organizations lacking threat intelligence tools cannot effectively use network data collected on cybersecurity breaches.

By Elizabeth O'Dowd

Higher levels of EHR adoption and the increasing amount of data stored digitally make cybersecurity a top priority for health IT infrastructure. However, findings from a recent survey find that most health IT security professionals consider threat intelligence tools to be too complicated to provide valuable insight.

Threat intelligence in healthcare

The survey conducted by Ponemon indicates that 70 percent of 1,072 respondents reported to have realized few benefits through threat intelligence. Additionally, 36 percent have no plans to deploy a threat management platform because of lack of staff expertise (56 percent), cost of deployment (46 percent), and lack of suitable technologies (40 percent).

Survey respondents across various industries report that there is too much threat data coming in which cannot be processed because of lack of experienced staff and appropriate tools to handle the volume of data. Because of the high volume of threat data, organizations neglect to share essential threat insight with board members and C-level executives due to their inability to effectively analyze the data.

Organizations have difficulty processing and using threat data to prevent or investigate cyberattacks when they do not have protocols or a threat intelligence platform available to successfully communicate the data.

"Every industry knows that threat intelligence is a key component of any effective defense strategy and, as this survey points out, it has become too overwhelming to deal with," said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. "Security providers do a great job of gathering and storing data. Now, they need to simplify it and make it actionable so that security teams and top executives can make decisions that protect their businesses from surging attacks."

Only 46 percent of respondents indicated their organization uses any kind of threat data when assessing a security breach. Nearly three-quarters of respondents, including those who do use threat data in some way, admitted to not using it effectively, or at all to combat cyberthreats.

Of the organizations that do not use a platform, 70 percent said it was difficult or very difficult to prioritize and use threat intelligence data.

"Too much data that is not delivered in the right way can be just as bad as not enough. This is the situation that many companies find themselves in. We call it threat overload," said Hugh Njemanze, CEO of Anomali. "The number of threat indicators is skyrocketing and organizations simply cannot cope with the volume of threat intelligence data coming their way. It's clear that what businesses need is a system that pinpoints the threats they must take notice of and that gives them actionable and relevant insights."

Seventy-eight percent of respondents rate the importance of threat intelligence in achieving a strong cybersecurity posture as very high and 70 percent are seeking to improve threat intelligence efficiency in the future. These findings show that the industry recognizes the value of an early warning.

“With the growing threats to organizations posed by cyber-criminals, it is clear there is a need to help businesses cut through the noise of data to find the threat intelligence that is relevant and actionable,” continued Njemanze. “User-intuitive platforms that disseminate the influx of information are essential, as well as having clearly defined roles and responsibilities among staff. Security professionals need to know who the attackers are, where they live and what techniques they typically use to stay ahead."

Healthcare organizations are under pressure to adapt their approaches to data security to meet growing cybersecurity threats. The Healthcare Information Management Systems Society (HIMSS) recently identified important actions for healthcare organizations to take in order to defend against cyberattacks, including “implementing a universal healthcare information privacy and security framework, creating a cybersecurity leadership role at the Department of Health and Human Services (HHS), and resolving the shortage of qualified cybersecurity professionals.”

Dig Deeper: