IT Security Spending Is Up, But Security Is Not

ScreenShot_IT_Security_at_SMB.png

The second-annual Cyren-Osterman Research U.S. security survey shows a significant disconnect between rising IT security spending and a low level of confidence in current protection, among many topics covered in the 24-page report.

Security Budgets Up Sharply

On average, survey respondents reported that IT security budgets grew a robust 17% during the past 12 months. That’s on top of a 21% increase reported one year ago in the first annual Cyren-Osterman Research survey. However, sixty-eght percent of businesses reported one or more breaches or infections during the prior 12 months, and significantly less than half believe they are well prepared to meet priority threats like ransomware, phishing and zero-day exploits.

The survey focuses on the current web and email security status and priorities of IT and security managers at organizations with 100 to 3,000 employees. The survey results allow security personnel to benchmark their own security posture and planning against their peers.

  • Security breaches are prevalent – Slightly more than two-thirds of the organizations surveyed – 68 percent – reported that they had experienced one or more breaches or infections during the past 12 months, with 29 percent reporting a successful phishing attack and 18 percent a ransomware infection that had gotten past their security defenses.
  • Ransomware is the #1 concern – Ransomware surged from fourth place in the 2016 Cyren-Osterman Research survey to the top of the heap of issues about which IT and security managers are concerned or extremely concerned (62 percent), slightly edging phishing (61 percent), and data breaches (54 percent).
  • Security concerns rule, controlling employees doesn’t – While threat categories are the top concerns among U.S. SMB security decision makers, only 24 percent expressed concern about shadow IT, with even fewer giving importance to controlling employee web behavior. (Our comment: this is a recipe for disaster)
  • Security effectiveness trumps cost – and everything else – Security effectiveness (85 percent) and speed of defense against new threats (74 percent) markedly outdistanced all other capabilities that were rated (reporting, user experience, management ease, etc.). Cost considerations were among the lowest-rated factors in evaluating a security solution.
  • Stopping threats in HTTPS is a priority – Fifty-nine percent rated as highly or extremely important the ability to perform SSL traffic inspection for threats, ranking it fourth among desired features in a web security solution. Fifty five percent indicated they have deployed an SSL inspection capability, which contrasts with a far lower deployment rate of 19 percent found in a similar survey in the UK in February 2017.
  • Few think highly of their current protection – Most SMB decision makers believe that the security deployed for their organizations is not doing well, with the largest “security gaps” around the threats of greatest concern. For example, while 61 percent rate phishing a top concern, only 39 percent rate their protection highly.
  • IT security investment is exploding at SMBs – Presumably driven by the poor opinion of current security, and the reality and risk of recurring infections and breaches, SMB IT security budgets jumped significantly for the second year in a row, rising 17 percent on average in the past year, following a 23 percent increase reported in the 2016 Cyren-Osterman Research survey.
  • SMBs have limited IT security staff – Respondents indicated that they generally have a low number of dedicated IT security staff members available to deal with security issues. We found that over half (52 percent) of the organizations surveyed have two or fewer security staff members, with the figure rising to 80 percent for the smallest cohort, with 100-500 employees.
  • Mobile device security is lagging behind – While 70 percent protect remote offices and roaming laptop use, only half protect company owned mobile devices, dropping to one-fifth providing protection of BYOD mobile devices, even if they connect to the corporate network.
  • Preference growing and nearly equal for cloud-based SaaS vs. on-premises – The preference in terms of deployment model for security solutions is now nearly equally divided, with 32 percent preferring on-premises solutions, and 29 percent preferring cloud-based SaaS – with the latter up sharply from 21 percent in the 2016 Cyren-Osterman Research survey.
  • Email security is now predominantly done in the cloud – Fifty-seven percent of SMBs rely on SaaS security for their email, considering together those who subscribe to a SaaS Secure Email Gateway (28 percent) and those who rely on the security provided by their SaaS or hosted email service provider (29 percent).
  • Cloud-based web security is moving up the adoption curve – Eighteen percent of SMBs reported that they subscribe to SaaS web security, with another 16 percent reporting deployment of “hybrid” cloud and on-premises solutions, and six percent relying on a hosted virtual appliance.
  • Security breaches cost significant staff time (and money) – After a security breach, organizations reported an average of 152 person-hours in IT staff time devoted to addressing the problem.

Download the full report here: https://blog.cyren.com/articles/survey-finds-security-investment-increasing-but-not-security

Two associates within Yeo & Yeo Medical Billing & Consulting have received professional credentials.

Traci Cook completed the required training to become a Certified Professional Medical Auditor (CPMA®) through the American Academy of Professional Coders. The knowledge required for this certification includes medical documentation, fraud, abuse, and penalties for documentation and coding violations based on governmental guidelines. Traci’s expertise will benefit the company’s healthcare clients as she performs medical record audits to decrease risk and improve compliance.

Traci is a billing and coding consultant and an account manager and has been with Yeo & Yeo Medical Billing & Consulting since 1999. She is a Certified Professional Coder with expertise in the coding of diagnoses, services, and procedures for physician practices, clinics and third-party payors. She is a member of the American Academy of Professional Coders and the Michigan Medical Billers Association.

Denise Garrett completed the required training to become a Certified Physician Practice Manager (CPPM®), through the American Academy of Professional Coders. The knowledge required for this certification includes revenue cycle management, human resources, health information and general business processes. Denise’s expertise will benefit the company’s medical practice clients as she focuses on their business needs including operational efficiencies, staff training, and technology.

Denise is an account manager and has been with Yeo & Yeo Medical Billing & Consulting since 1998. She is a Certified Professional Coder and a Certified Foot & Ankle Surgical Coder, with expertise in the coding of diagnoses, services, and procedures for physician practices.

Learn more about medical billing and practice management consulting services offered by Yeo & Yeo Medical Billing & Consulting.

Since 1955, the State of Michigan has exempted various prosthetic devices from sales and use tax. In 1985, the Treasury issued Letter Ruling 1985-20 addressing sales of a specific type of dental prosthetic (dental ceramics), essentially including these dental prosthetics with other exempt devices. When Letter Ruling 1985-20 was issued, the sales and use tax acts exempted “any … apparatus, device, or equipment used to replace or substitute for a part of the human body …”

With the passage 100c of 2004 Michigan Public Acts 172 and 173, the sales and use tax acts directed that dental prosthetics were excluded from the statutory exemption under the definition of “prosthetic device.” These acts defined a “prosthetic device” as “a replacement, corrective, or supportive device, other than contact lenses and dental prosthesis, dispensed under a prescription, including repair or replacement parts for that device, worn on or in the body …” Since Letter Ruling 1985-20 was still in effect, the 2004 Michigan Public Acts did not change how prosthetic devices were taxed.

In June 2017, the Michigan Department of Treasury announced that it had revoked Letter Ruling 1985-20 effective July 1, 2017. For transactions before this date, dental labs do not need to collect sales tax on custom dental products.However, the Treasury now considers the dentist the end user, as they use the material in the services they provide to their patients.After July 1, dental lab sales of dental prostheses to dentists are subject to sales tax based on the sales price of the prosthetic. 

Because these transactions will now be treated as a sale at retail, dental labs may claim the industrial processing exemption for property used in manufacturing its products, if the property used to make such dental products qualifies for the industrial processing exemption.

Please contact your Yeo & Yeo professional if you have questions.

Affiliated Medical Billing has changed its name to Yeo & Yeo Medical Billing & Consulting, announced Thomas E. Hollerback, President & CEO of Yeo & Yeo CPAs & Business Consultants and its affiliates.

The name change leverages the strength and longstanding reputation of the Yeo & Yeo name, reflects the broader range of professional services the company offers and aligns the affiliate under a single Yeo & Yeo brand name. The name change will create a unified name for all three of the firm’s affiliates: Yeo & Yeo Medical Billing & Consulting, Yeo & Yeo Technology, and Yeo & Yeo Financial Services. The new doing business as name is effective immediately and will be implemented throughout the calendar year 2017.

Announced in conjunction with the name change, Julia M. Lowe, CPC, former president of Affiliated Medical Billing, retired from the company after 19 years of providing medical billing and consulting services for physicians and healthcare organizations, and more than 40 years dedicated to serving the healthcare profession. Under Lowe’s leadership, Yeo & Yeo’s medical billing affiliate started as a two-person team and grew to a highly successful organization with 18 professionals.

Kati Krueger was named president of Yeo & Yeo Medical Billing & Consulting effective May 1, 2017. She has an extensive background with the medical billing affiliate, having joined the company in 2002. Krueger held the position of billing manager and also served as marketing manager for nearly five years, overseeing client relations and business development opportunities. She has more than ten years’ experience in medical billing and revenue cycle management, helping physicians and group practices throughout Michigan to be efficient and compliant. She has served as vice president since August 2016. Krueger is a member of the Medical Group Management Association, and holds a bachelor’s degree from Saginaw Valley State University.

“During the past year, Yeo & Yeo CPAs implemented Lean Six Sigma methodologies that focus on greater efficiency and quality in our audit and tax practices – it is a process we refer to as YeoLEAN. Now, under Kati’s leadership, Yeo & Yeo Medical Billing & Consulting is employing the YeoLEAN concepts that have allowed our medical billing professionals to streamline processes and focus on greater value for our clients,” says Kimberlee Dahl, Director of Marketing for Yeo & Yeo.

“I am excited to lead the future advances at Yeo & Yeo Medical Billing & Consulting under its new name. Our YeoLEAN process improvements will be ongoing, and the process has already led to the implementation of new software capabilities and paperless technologies, more efficient insurance reimbursement processing, and timelier communication with our healthcare clients – all with the goal of helping them maximize their profitability,” adds Krueger.

Yeo & Yeo Medical Billing & Consulting will continue its mission to be a leading provider of medical billing and practice management consulting services for the healthcare industry, as it has since 1998.

 

Our affiliate, Yeo &Yeo CPAs & Business Consultants, recently posted an excellent article about what to know when facing a HIPAA audit. We thought this article would be great to share with you as well. To read this post, click here.

© 2016