HAMPTON, N.H. – The notification from health insurer Anthem two weeks ago that 80 million of its customer records were breached late last month will spur renewed security evaluations and increased security spending by other organizations in Anthem’s market, expanding opportunities for security vendors and security service providers
Technology Business Research believes that, faced with news of the attack on Anthem, executives and IT and security decision makers at healthcare and health insurance organizations will authorize spending increases for security products and services. They will increase spending by 3% to 4% in 1H15, above the previously allocated annual increases of 10% reported by most organizations in TBR’s enterprise security customer research.
The increased spending by healthcare and health insurance companies will be focused on data loss prevention (DLP) and advanced threat detection and response products and services. Security vendors and security service providers that have effective solutions in these segments and established expertise and brand recognition in the healthcare and health insurance industries, including IBM, RSA, Dell Secureworks and Code Green Networks, are well-positioned to address the heightened demand.
To capture the new opportunities, vendors and service providers must also have the sales and support resources in place to deliver results quickly, before the next major attack turns customers’ attention to different priorities. Successful vendors and service providers will have strong customer relationships and engagement skills to communicate the business benefits of their security solutions to customer executives at healthcare and health insurance organizations.
TBR has observed that customer executives are increasingly likely to make swift, often unexpected and unprecedented decisions to authorize additional security spending following a widely reported breach at a peer organization.
- Attack on Anthem heightens concerns about medical record breaches
While there have been many breaches of similar size in recent years, including the attacks on Home Depot, Target and J.P. Morgan, the Anthem incident is the first to hit so close to the healthcare and health insurance industries.
The attack on Anthem is particularly troubling because of the hackers’ proximity to customers’ medical records. Anthem has indicated that personal information, including customers’ social security numbers, was exposed, and TBR believes customers will raise concerns about the privacy of medical data that was also stored with the insurance company.
Medical records have high value in the black hat community as hackers pass medical data to other nefarious entities such as illegal drug operators. But medical data loss raises even greater risks — to communities (risk of bio-terrorism) and to individual patients (criminals may tamper with medical devices that are connected to the Internet in today’s Internet of Things).
Over the coming months, organizations in the healthcare and insurance industries will seek to strengthen their security strategies and controls to further safeguard customers’ medical records.
(C) TBR
