Quarterly Payout for Cybersecurity Vulnerabilities Increases 83%, Highest Ever

Samara Rosenfeld
JULY 10, 2019
cyberbug

Healthcare organizations paid an average of $1,088 per cybersecurity vulnerability in quarter one of 2019, according to a new report from Bugcrowd, a cybersecurity vulnerability testing company.
 
The report, “State of Healthcare Cybersecurity,” noted that the quarterly payout is the highest it’s ever been with an 82.8% increase year over year.
 

New Entry Points Lead to Vulnerabilities

The healthcare industry holds large amounts of confidential health and patient data. This makes the industry one of the most targeted for cyberattacks.
 
The digital transformation only makes the healthcare industry that much sweeter to attack. But more than half of healthcare organizations lack confidence in their medical device security, according to the report. And while mobile health apps give patients a more convenient way to schedule appointments, order prescriptions or have access to their personal health information, they also open up a new entry point for cybercriminals.
 
“By recognizing that hackers will find vulnerabilities and exploit them, healthcare leaders can improve the way they design and implement connected devices, manage risks and train their teams,” Bugcrowd wrote.
 

Increase in Cybersecurity Vulnerabilities

Bugcrowd saw a nearly 341% increase in cybersecurity vulnerability submissions from 2017 to 2018. The company reported that the industry is on track to see a steady increase in vulnerability again this year.
 
More than 12% of the submissions were classified as priority one, or the most critical. A majority of the submissions (42%) fell into the priority three category.
 
And 75% of submissions were related to healthcare organizations’ websites.
 

Financial Implications of Healthcare Cybersecurity Flaws

In quarter one of 2019, total vulnerability payouts increased by 31.1% from quarter one of 2018.
 
“Healthcare organizations running crowdsourced security programs are increasing in security maturity and criticality levels, therefore increasing the market rate for vulnerabilities,” the authors wrote.

First-priority vulnerabilities cost healthcare organizations an average payout of $3,425 in quarter one  — higher than any other year combined. The average payout in quarter one of 2018 was $3,081.
 
“It’s important to consider a defense-in-depth approach to cybersecurity and engage crowdsourced security to level the playing field,” the report noted. “In the coming years, it will become standard operating practice for vulnerability assessment — the winners will be those who embrace this new standard today and reap the rewards before the rest of the market catches up.”
 
Through crowdsourcing, cybersecurity teams can gain resources to scale, secure and unlock the benefits that healthcare technology brings.  

Get the best insights in digital health directly to your inbox.

Related
Third-Party Vendor Risks Cost Healthcare $23.7B a Year, Report Finds
Phishing Emails Play on Our Fear of Failure
3 Trends Plaguing Healthcare Cybersecurity & How to Fight Them

SHARE THIS SHARE THIS
16
Become a contributor