What You Should Know:
– Imprivata, the digital identity company for life- and mission-critical industries, today released new research that reveals over 91% of security leaders agree they can no longer rely solely on perimeter security to combat and respond to cyber threats, with 99% having experienced a cyberattack in the past year.
– The report outlines how healthcare, finance, manufacturing, pharmaceutical, and biotech organizations are approaching cyber and privacy risks. Cross-industry, 58% cite an increased frequency of attacks –to the tune of 21%, on average. Moreover, the rise of remote work has largely contributed to the growth of attack surfaces. Subsequently, 67% are focusing on security beyond the firewall as one of their top three investment priorities this year. Commonly referred to as “identity-based” or “identity” security, this approach is focused on ensuring users are only able to access the data and resources they need –a cornerstone of Zero Trust.
The Growing Concerns Regarding Cyber Threats
Imprivata is the digital identity company for mission- and life-critical industries, redefining how organizations solve complex workflow, security, and compliance challenges with solutions that protect critical data and applications without workflow disruption. The study was conducted by Vanson Bourne on behalf of Imprivata and includes insights from more than 750 IT security leaders spanning healthcare, finance, manufacturing, pharmaceutical, and biotech organizations across the US, UK, Australia, and Germany.
Though the concept of Zero Trust isn’t new, the adoption of technologies to facilitate a Zero Trust Architecture (ZTA) varies. “What we learned from this data is that businesses are under significant strain to mitigate attacks and manage the eye-watering costs when they occur. Yet less than half have the recommended digital identity technologies in place to protect themselves,” said Wes Wright, chief technology officer at Imprivata. “Despite the widespread familiarity with Zero Trust principles, fewer than half of those surveyed have adopted the foundational technologies needed to achieve them.”
Solutions like identity governance, privileged access management (PAM), vendor privileged access management (VPAM), multifactor authentication (MFA), and single sign-on(SSO) enable greater security and compliance without negatively impacting end-user workflows. The low adoption rates seen in the study may be a result of apprehension; that doing so will hinder user productivity, particularly given the sizable number (57%) who cite user-centric security as a top priority.
Other key findings include:
– Third-party data breaches are a leading attack vector: More organizations are leveraging vendors, partners, and contractors as essential business resources. Interestingly, 40% of those surveyed report falling victim to a third-party data breach in the last 12 months yet just 42% have deployed VPAM to manage and control third-party access.
– Rising cyber insurance costs and insufficient coverage:40% of respondents cite increased cyber insurance costs as the most common negative impact following a cyberattack, adding that their premiums have risen by an average of 35% in the past year alone. Further, 48% say their policy doesn’t cover real-life scenarios.
– Patient lives at risk: For healthcare organizations, the cost of a cyberattack often goes beyond monetary to affect patient care. In fact, three in ten (31%) of those surveyed report that procedures and tests have been delayed that resulted in poor outcomes.