B2B Payments

Private Sector, Health Care, Government All Face Data Security Risks


This week’s data digest is all about, well, data. The latest report from the Identity Theft Resource Center (ITRC) and CyberScout finds a worrying trend: 2016 was a record year for data breaches, with businesses emerging as the largest target for hackers by far. Health care entities and government agencies, too, are at risk for their data security. We take a look at some statistics around the ITRC and CyberScout’s latest report, as well as new data on government and health care data management practices.


1,093 data breaches hit entities in the U.S. last year, marking a 40 percent increase from 2015. But that figure, released by the Identity Theft Resource Center and CyberScout in a new report, begs the question: “Are there actually more breaches, or is it because more states are making this information publicly available?”

The ITRC and CyberScout’s 2016 report on data breaches found businesses to be hit more frequently than other entities, like the education sector, health care entities, the banking industry and government entities. Researchers found that businesses saw 45.2 percent of the total 1,093 data breaches hitting U.S. companies, while health care and medical industry players took more than a third of those attacks. Hacking, skimming and phishing attacks are once again the most common type of data breach attack, making it the eighth year in a row for this type of data breach, researchers said. These types of attacks made up more than 55 percent of total data breaches in 2016. Many, researchers noted, were the result of CEO phishing attacks, a strategy known as the business email scam, which convinces a business employee to make a payment to a seemingly legitimate bank account.

“For businesses of all sizes, data breaches hit close to home, thanks to a significant rise in CEO spear phishing and ransomware attacks,” explained ITRC Vice Chair of its Board of Directors and CEO of CyberScout Matt Cullina in a statement announcing the report. “With the click of a mouse by a naïve employee, companies lose control over their customer, employee and business data. In an age of an unprecedented threat, business leaders need to mitigate risk by developing C-suite strategies and plans for data breach prevention, protection and resolution.”


2 businesses are joining together to protect government payment data: Mastercard and Oversight Systems. The businesses revealed last week that they will partner to combine data analytics and anti-fraud solutions for government agencies that are a part of the General Services Administration’s SmartPay initiative, which aims to help government entities access better payment tools for their expense and procurement needs.

While the ITRC and CyberScout’s report found that only 6.6 percent of the 1,093 cyber breaches that occurred in the U.S. last year were at government or military agencies, that figure is still high considering these entities are using public funds. Earlier research has shown that digital solutions, like ePayments and data analytics, are effective at combating payment fraud in government procurement and spend behavior.


1 opportunity will be pursued more than others among health care supply chain firms: data analytics. A new survey from Global Healthcare Exchanges found that, for supply chain professionals in the health care space, pursuing the opportunity of data analytics is top priority for the year ahead, with data management goals coming out on top of other opportunities, like contract management and cost reduction.

In a statement reporting on the survey, GHX CEO and President Bruce Johnson said the supply chain, which is a “pivotal juncture” in the industry, must flex alongside developing technologies.

“Improving operational performance and driving down costs through supply chain automation is one of our top priorities,” Johnson stated. “The focus today on accurate data is central to our mission. The linkage between data on products used in patient care as recorded in electronic health records with accurate and comprehensive information about those products in item masters is key to solving the cost/quality equation.”

But if CyberScout and the ITRC’s latest report is any indication, the health care industry will need to be particularly careful with the new troves of data it aims to access as analysts find that the health care industry is among the most targeted for cyberattacks and data breaches.


Featured PYMNTS Study: 

With eyes on lowering costs to improving cash flow, 85 percent of U.S. firms plan to make real-time payments integral to their operations within three years. However, some firms still feel technical barriers stand in the way. In the January 2020 Making Real-Time Payments A Reality Study, PYMNTS surveyed more than 500 financial executives to examine what it will take to channel RTP interest into real-world adoption. Here’s what we learned.

Click to comment