Healthcare sector hit by £1.32billion security testing bill

New report from AVORD reveals trusts are at risk from inflated costs

The new report from AVORD reveals that healthcare organisations are struggling to cope with the ever-increasing cyber threat

The shockingly-high cost of protecting against cyber attacks has been revealed, with the healthcare sector forking out more than £1.32billion a year to combat the growing threat of data breaches and system outages.

Healthcare organisations are struggling to cope with the ever-increasing threats impacting on their attempts to secure systems at current costs. Unless something changes, they will be forced to cut corners, and this will inevitably mean there are more data breaches and system outages

Research from AVORD – a new security testing platform that launches this week – reveals that 95% of organisations have seen an increase in the number of data breaches over the last five years.

And half of the sector agrees that the growth of the Internet of Things (IoT) means they will need to conduct more-regular security tests in order to ensure patient safety.

But opportunistic multi-national consultancies are being blamed for inflating the price of security testing in the UK, with many healthcare businesses being charged high prices to conduct tests on critical assets.

Taking advantage

The findings put the spotlight firmly on the security testing market, which is dominated by consultancies who provide services to businesses, sometimes at twice the daily rate of an independent tester – often referred to as ‘ethical hackers’.

And, with 80% of organisations claiming the cost of testing is too expensive, there is a clear demand for change.

More than three quarters (76%) of businesses in the healthcare sector currently outsource the security testing on their critical assets.

The need to use consultancies in this way is being driven by a skills shortage, with many (48%) revealing they don’t fully possess the in-house, employee skills and knowledge to carry out security testing.

A surge in cyber crime

Worryingly, almost a third (29%) have battled an online security breach in the past 12 months.

Of those hit by a cyber attack, 86% reported that the breach occurred partly as a result of issues with the security testing process.

And, over the past five years, the majority of organisations have seen a major increase in the number of data breaches: with 28% reporting an increase of between 11%-20%, while more than two in five (43%) reported up to 10% more data breaches.

The true cost

As new emerging technologies are deployed, and applications increasingly underpin core business processes, organisations across the UK claimed that cyber criminals are creating new ways to exploit vulnerabilities, which is putting increased stresses on them at an already-challenging time.

A new era

To address this, AVORD is promising to slash the price of security testing, with its free online platform bringing thousands of highly-qualified security testers together with UK healthcare organisations.

The brainchild of two career security professionals, who have seen the market monopolised by major consultancies, it will enable organisations to reduce their costs by 30-40%.

The online security testing platform cuts out the expensive middle men, ensuring healthcare trusts of all sizes can protect their businesses against future threats.

Free to use, it provides automated scheduling and tracking of security tests, delivering an instant view of all tests across an estate through a fully-interactive risk and reporting dashboard.

Commenting on the launch, Brian Harrison, founder and chief executive of AVORD, said: “Quite simply, security testing has become too expensive for many UK trusts.

“Healthcare organisations are struggling to cope with the ever-increasing threats impacting on their attempts to secure systems at current costs.

“Unless something changes, they will be forced to cut corners, and this will inevitably mean there are more data breaches and system outages.

“AVORD has been designed to disrupt the current security testing model by cutting out the costly ‘middle-man’ consultancies and allows organisations to directly manage and engage security testers.

“This means that whereas industry currently pays up to £1,100 a day for cyber security testing; that cost will be reduced to approximately £600, collectively saving the UK healthcare sector more than £500m annually.”

Companies