;

Study: 78 Percent of Healthcare Providers Reported Cyberattacks in Past Year

The study, which was conducted by Mimecast and HIMSS Analytics, examined 76 senior IT professionals at various sized healthcare facilities.

Study: 78 Percent of Healthcare Providers Reported Cyberattacks in Past Year

Sixty-three percent of large healthcare facilities have experienced both malware and ransomware in the past 12 months.

In a new study, 78 percent of healthcare providers say they have experienced email-related cyberattacks in the form of ransomware, malware or both in the past 12 months.

The study, conducted by Mimecast and HIMSS Analytics, examined 76 senior information technology professionals responsible for information security at various sized healthcare facilities.

Of the 76 IT professionals, 87 percent say they expect email-related security threats to increase significantly in the future.

Eighty-three percent say ransomware is the most concerning type of email-related threat and four out of five respondents say they use email to send Protected Health Information (PHI).

“This survey clearly demonstrates that email is a mission-critical application for healthcare providers and that cyberthreats are real and growing – surprisingly, even more so than the threats to Electronic Medical Records (EMRs), laptops and other portable electronic devices,” says Mimecast healthcare cyber resilience strategist David Hood.

Other concerns of respondents include malware, targeted attacks such as spear-phishing and business email compromise.

Some other key findings from the study include:

  • Eighty-eight percent say they perform cybersecurity assessments at least once yearly. Of the 88 percent, 43 percent conduct them at least once a year, 16 percent conduct them quarterly and 18 percent conduct them monthly.
  • Two-thirds say they include email in their assessments, one-third sometimes include email and 2.5 percent never include email or are unaware if they do.
  • The top three cyber resilience strategies being taken by the respondents include preventing attacks (94 percent), training employees (90 percent) and securing email (77 percent), reports Health IT Security.

While the survey indicated large organizations have experienced more attacks in the past 12 months, they were more likely to include email in their cybersecurity assessment.

Of the organizations surveyed, 63 percent of large facilities have experienced both malware and ransomware in the last year, compared to 24 percent of intermediate facilities and 22 percent of small facilities.

“This study confirms that no healthcare provider is immune to this growing threat of email-related cyberattacks. While the results show that larger providers are being hit harder, especially with ransomware, these same organizations are also the ones leading the charge in defining industry best practices to address these threats,” says HIMSS Analytics senior director Bryan Fiekers.

Based on its research, Mimecast says these five tips are the best ways to improve email security:

  1. Train employees on the risks inherent in email: real-time reminders are better than annual training.
  2. Analyze inbound attachments: with multiple AV engines, safe file conversion and behavioral sandboxing.
  3. Apply URL checking: at the time a user clicks, not when it enters the organization.
  4. Inspect outbound emails: for protected health information, other sensitive content and threats.
  5. Increase cyber resilience: against ransomware and other sources of data destruction with backup capabilities and continuity solutions.

About the Author

Contact:

Amy Rock is the Campus Safety Web Editor. She graduated from UMass Amherst with a Bachelor’s Degree in Communications and a minor in Education.

She has worked in the publishing industry since 2011, in both events and digital marketing.

Read More Articles Like This… With A FREE Subscription

Campus Safety magazine is another great resource for public safety, security and emergency management professionals. It covers all aspects of campus safety, including access control, video surveillance, mass notification and security staff practices. Whether you work in K-12, higher ed, a hospital or corporation, Campus Safety magazine is here to help you do your job better!

Get your free subscription today!


One response to “Study: 78 Percent of Healthcare Providers Reported Cyberattacks in Past Year”

  1. Mick says:

    Unfortunately this scary reality will only grow worse and worse. In fire service, it’s a terrifying reality if computers, phones or other technology are rendered inoperable. Every establishment or business should have a back up / non-tech plan ..

Leave a Reply

Your email address will not be published. Required fields are marked *

Get Our Newsletters
Campus Safety Director of the Year