Join Barry S. Herrin, JD, FAHIMA, FACHE, founder of Herrin Health Law, April 18, 2019, at the 12th annual SecureWorld Houston conference. Held at Hyatt Regency Houston Galleria in Texas, the conference aims to connect, inform and develop leaders in cybersecurity. Hope to see you at the conference April 18, as well as the presentation featured below. Register today!
Employer Data Breach Liability: The Employee as a Threat Vector
Learn 6 big decisions organizations must make in response to insider threat
3 – 3:45 p.m.
Thursday, April 18
According to a 2014 IBM study, 31.5% of all cybersecurity incidents were perpetrated by malicious insiders, and 23.5% resulted from the activities of non-malicious insider threats.
In 2017, statistics reported by the MIT Sloan Interdisciplinary Consortium showed that between 67% and 80% of cybersecurity incidents were linked to persons with legitimate access to the breached data infrastructure. A 2018 Ponemon Institute report confirms that this upward trend is not abating, as 64% of successful cyber attacks resulted from privileged user negligence, with another 23% being perpetrated by malicious insiders – a total of 87% of all incidents.
Education having failed in many instances, with criminals becoming ever more sophisticated, and with the return on investment for perimeter defenses becoming slight, perhaps employers should consider their employees threat vectors and not innocent victims in cybercrime.
Barry S. Herrin, JD, FAHIMA, FACHE, is the founder of Herrin Health Law, P.C., in Atlanta, Ga. Herrin offers more than 25 years of experience practicing law in the areas of healthcare and hospital law and policy, privacy law and health information management, among other healthcare-specific practice areas. He is a Fellow of the American College of Healthcare Executives and a Fellow of the American Health Information Management Association. He also holds a Certificate in Cyber Security from the Georgia Institute of Technology. Reach him at 404-459-2526 or barry.herrin@herrinhealthlaw.com.Â