Skip to content
Subscriber Only

Health-Care Companies Have Worse Cybersecurity Than Retailers

Major data breaches at Target and Neiman Marcus last year put the spotlight on how poorly retailers guard sensitive information from cyber thieves. Yet health-care and pharmaceutical companies rate even worse than retailers in terms of security performance, according to a new analysis of Standard & Poor’s 500-stock index companies by BitSight Technologies.

The Cambridge (Mass.)-based firm compared the performance of finance, utilities, retail, and health industry groups within the S&P 500 from April 2013 through March 2014. Overall, health-care companies scored lowest, at about 660 on a scale of 250 to 900, with low numbers reflecting poor security practices.  Not only did that sector have the most security problems, but the companies took the longest to fix the problems—on average 5.3 days, according to the report.