
Insiders Pose Cybersecurity Threat to Healthcare

The average cost for credential theft was more than $871,000 for each incident associated with an insider, warns HHS.

April 26, 2022 TD Staff


The U.S. Department of Health and Human Services (HHS) Cybersecurity Program Office of Information Security warned healthcare facilities on Thursday about vulnerabilities to insider threats.

HHS cited a 2020 study from Ponemon, which found that 61% of data breaches involving an insider are primarily unintentional, caused by negligent insiders. Nearly 14% of breaches, however, are malicious, and nearly one in four involve stolen credentials. That same report found the average cost of insider threats per incident was $871,700 for credential theft, $755,800 for criminal and malicious insiders, and $307,100 for employee or contractor negligence.

The HHS report also covered the risks associated with insiders who are working on behalf of external groups, saying that 82% of organizations can’t determine the actual damage that an insider attack has caused. That said, the common types of insider threat damage, by percentage, include:

  • Critical data loss, 40%
  • Operational outage/disruption, 33%
  • Brand damage, 26%
  • Legal liabilities, 21%
  • Expenses on remediating intrusions, 19%
  • Competitive loss, 17%

Disgruntled employees pose a significant insider threat because of their access to a healthcare facility’s systems. They are often emotional threat actors who intend to cause harm to the company, and sometimes they believe they are owed something, according to the HHS report. About 80% of privilege misuse by disgruntled employees was financially motivated.


Third parties are also a threat since 94% of organizations give third parties access to their systems. Very often, third-party vendors are given elevated permissions on those systems.

Insider threat activities in healthcare usually consist of fraud, data theft, and/or system sabotage.

Behavioral indicators of an insider threat actor can include:

  • Official records of security violations or crimes
  • Cases of unprofessional behavior
  • Cases of bullying other employees
  • Personality conflicts
  • Misuse of travel, time, or expenses
  • Conflicts with coworkers or supervisors

Indicators of IT sabotage include:

  • Creating backdoor accounts
  • Changing all passwords so that no one can access data
  • Disabling system logs
  • Installing a remote network administration tool
  • Installing malware
  • Accessing systems or machines of other employees

Indicators of data theft include:

  • Massive downloading of corporate data
  • Sending sensitive data to a non-corporate address
  • Sending emails with heavy attachments to non-corporate addresses
  • Extensive use of corporate printers
  • Remotely accessing a server during non-working hours

The report also found that detecting insider attacks has become more difficult with so many organizations switching to the cloud.

HHS recommends the following practices to mitigate insider cybersecurity threats:

  • Incorporate insider threat awareness into periodic security training for all employees.
  • Implement strict password and account management policies and practices.
  • Define explicit security agreements for any cloud services, especially access restrictions and monitoring capabilities.
  • Ensure that sensitive information is available only to those who require access to it.
  • Use a log correlation engine or security information and event management (SIEM) system to log, monitor, and audit employee actions.
  • Develop a formal insider threat mitigation program.
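As an added illustration (not code from HHS or from this article), the Python sketch below shows the kind of per-user correlation a SIEM rule set performs over the IT sabotage and data theft indicators listed above. The event schema, account names, domains, working hours and size thresholds are all assumptions made for the example.

```python
from collections import defaultdict
from datetime import datetime

# Assumptions for this sketch; tune every value to your own environment.
CORP_DOMAINS = {"hospital.example"}   # constructed corporate mail domain
PROVISIONERS = {"svc-iam"}            # accounts approved to create users
WORK_HOURS = range(7, 19)             # 07:00-18:59 local time
BIG_ATTACHMENT = 10_000_000           # bytes per message
BULK_DOWNLOAD = 500_000_000           # bytes per user per day

def indicators(events):
    """Map each user to the set of listed indicators their events match."""
    hits = defaultdict(set)
    daily_bytes = defaultdict(int)
    for e in events:
        user, action = e["user"], e["action"]
        ts = datetime.fromisoformat(e["ts"])
        if action == "account_created" and user not in PROVISIONERS:
            hits[user].add("unapproved account creation")
        elif action == "audit_log_disabled":
            hits[user].add("system logging disabled")
        elif action == "remote_login" and ts.hour not in WORK_HOURS:
            hits[user].add("off-hours remote server access")
        elif action == "email_sent":
            domain = e["to"].rsplit("@", 1)[-1].lower()
            if domain not in CORP_DOMAINS and e["attachment_bytes"] >= BIG_ATTACHMENT:
                hits[user].add("large attachment to non-corporate address")
        elif action == "file_download":
            daily_bytes[(user, ts.date())] += e["bytes"]
    for (user, _day), total in daily_bytes.items():
        if total >= BULK_DOWNLOAD:
            hits[user].add("bulk data download")
    return dict(hits)

def review_queue(events, min_distinct=2):
    """Users matching several distinct indicators, highest count first."""
    found = {u: sorted(i) for u, i in indicators(events).items() if len(i) >= min_distinct}
    return sorted(found.items(), key=lambda kv: (-len(kv[1]), kv[0]))

# Constructed sample events (not real data), already normalized by a collector.
SAMPLE = [
    {"ts": "2022-04-20T02:14:00", "user": "jdoe", "action": "remote_login", "host": "ehr-db01"},
    {"ts": "2022-04-20T02:20:00", "user": "jdoe", "action": "file_download", "bytes": 300_000_000},
    {"ts": "2022-04-20T02:41:00", "user": "jdoe", "action": "file_download", "bytes": 260_000_000},
    {"ts": "2022-04-20T02:55:00", "user": "jdoe", "action": "email_sent", "to": "x@mail.example", "attachment_bytes": 24_000_000},
    {"ts": "2022-04-20T09:05:00", "user": "svc-iam", "action": "account_created", "target": "nurse17"},
    {"ts": "2022-04-20T10:30:00", "user": "asmith", "action": "remote_login", "host": "ehr-db01"},
    {"ts": "2022-04-21T23:10:00", "user": "bkim", "action": "audit_log_disabled", "host": "fs02"},
]
```

Calling `review_queue(SAMPLE)` returns only the user who matches several distinct indicators; a single match, such as one logging change, stays out of the queue unless `min_distinct` is lowered.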

CISA offers free cybersecurity services and tools, along with pertinent guidelines and updates that can help large and small organizations in the health sector. This information can be accessed online at cisa.gov/free-cybersecurity-services-and-tools.

This article originally appeared on MyTechDecisions’ sister-site Campus Safety. 
