Healthcare cybersecurity worse than retail: BitSight

A report from BitSight Technologies analyzed the cybersecurity practices of companies on the S&P 500, with those in the healthcare sector coming in at the bottom of a four-industry pack.

Security breaches have been on the rise among retailers, but according to an industry report from BitSight Technologies, healthcare and pharmaceutical companies rate even worse when it comes to cybersecurity.

The report analyzed Standard & Poor's 500-stock index from April 2013 through March 2014, comparing the security performances of finance, utility, retail, and healthcare and pharmaceutical companies. 

While retail continues to struggle with poor security performances, it was the healthcare/pharma group that scored the lowest of all sectors, about a 660 on a scale of 250 to 900. The healthcare/pharma sector also took the most time to fix security problems, typically upwards of five days. 

Screen Shot 2014-05-28 at 3.07.37 PM
Credit: BitSight

Retail wasn't far behind healthcare with a rating of 685 and a similarly high volume of security incidents and slow response times. The number of retail security incidents observed by BitSight during the April-March period increased 200 percent, according to the report. 

BitSight suggests that both the healthcare/pharma and retail sectors view cybersecurity as a strategic business issue and do not give it the high level attention it deserves. (No doubt the likes of Target and Neiman Marcus would contest that suggestion.) 

The retail/healthcare/pharma debacle is in contrast to financial and electric companies, both of which earned impeccable ratings and response times. BitSight admits these sectors are just as at risk as the others, but says they have better protection systems in place that resulted in less incidents and better response scenarios.

BitSight's bottom line: there's plenty of room for improvement across the board, especially since security threats show no signs of slowing down.

Read more:

Show Comments