It’s been a tough year for healthcare organizations when it comes to cyber security, starting with the massive breaches of Anthem, LifeWise and Premera Blue Cross.
A new study of enterprise secure software development shows healthcare is lagging behind other industries.
Healthcare scored overwhelmingly lower than the financial services, independent software vendor and consumer electronics industries on internal software security programs and practices, according to the new Building Security in Maturity Model (BSIMM) study.
Jim Routh, chief information security officer at Aetna Global Security, told Dark Reading.com that healthcare firms typically face a lack of security staff and resources amid an evolving threat landscape.
“HIPAA isn’t helping” healthcare security, Gary McGraw, CTO at Cigital, said. “(HIPAA) over-focused the healthcare domain on privacy and patient privacy data, which is an important thing. But there are many other aspects of security that have little to do with privacy.”
BSIMM studied more than 100 enterprises, including 10 firms in healthcare, assessing governance, intelligence, secure software development and deployment.
Read more about the study at InformationWeek’s Dark Reading.com.
Chivaroli and Associates Insurance Services is a full-service brokerage firm specializing in the custom-design and placement of insurance and alternative risk funding solutions for your healthcare organization.