Page 27 - Cyber Warnings
P. 27
2016 State of Application Security
Top Health Care Apps in Critical Condition
by Patrick Kehoe, Chief Marketing Officer, Arxan
In our 5th Annual “State of Application Security” report, we analyzed healthcare applications and
found a huge discrepancy between consumers’ beliefs regarding the level of security baked into
the healthcare apps that they utilize on a regular basis, and the degree to which developers of
healthcare apps actually address known application vulnerabilities.
We also learned that consumers really care about security – in fact more than 80% of
consumers would change providers if their app was known to be vulnerable, or if an alternative
app was known to be more secure.
Given the number of vulnerabilities in the apps reviewed in our report, health and medical
device app providers need to step up security controls or risk potential cyber-attacks and
serious defections from their services.
The research analyzed 126 of the most popular mobile health and finance apps from the U.S.,
U.K., Germany and Japan.
It also surveyed consumers and application developers about their approach to and
perspectives on app security.
Major Findings of the Report
Health Care Industry Is a Popular Target
Health care organizations are among the top targets of cybercriminals in search of valuable
patient data and intellectual property.
This is not that surprising, given that a complete medical record can fetch close to $500 in the
underground market, as reported by NPR.
Equally unsurprising is that a majority of health care organizations — 81 percent — have been
breached in the past two years.
Given that the vast majority of cyberattacks occur at the application layer (a recent Forbes study
estimated that 84 percent of all attacks were focused here), one would think that robust
application security would be a fundamental measure being taken by health care providers.
However, the stark reality is that mobile application security is still lagging.
27 Cyber Warnings E-Magazine – February 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
