Healthcare Facilities Need More Cybersecurity Pros

Despite being one of the most targeted sectors for cyber attacks, data breaches and malware, the healthcare industry doesn't value cybersecurity as much as it should.
Published: January 1, 2020

Despite the huge value we place on our healthcare information, the sector is one of the most targeted for cyber attacks and data theft.

According to a new report from Black Book Market Research, nearly all IT professionals said in a survey that hackers are outpacing the tech savviness of the medical industry.

So far in 2019, healthcare providers are the most targeted for industry cybersecurity breaches, making up about four out of every five breaches. Data breaches are expected to cost the industry about $4 billion this year, and next year will be even worse, Black Book Market Research said.

Since third quarter 2016, over 93% of all healthcare organizations have seen a data breach, and 57% of those had more than five data breaches during the same time period. More than 300 million records have been stolen since 2015, affecting about one in every 10 patients.

——Article Continues Below——

Get the latest industry news and research delivered directly to your inbox.

Other troubling healthcare cybersecurity findings:

  • Just 21% of hospitals surveyed had a dedicated security executive
  • The estimated cost of a data breach by the respondent hospital group averaged $423 per record in 2019
  • More money is spent on marketing expenses to fight negative impressions on the brand than combating the consequences of data breaches
  • 58% of hospitals did not select their current security vendor in advance of a cybersecurity incident
  • 94% have not augmented their cybersecurity protections since their last breach
  • 35% of healthcare organizations did not scan for vulnerabilities before an attack
  • 87% of healthcare organizations have not had a cybersecurity drill with an incident response process
  • 40% of providers surveyed still do not carry out measurable assessments of their cybersecurity status
  • 26% of hospital respondents and 93% of physician organizations currently report they do not have an adequate solution to instantly detect and respond to an organizational attack

The survey also found that healthcare organizations are narrowly focused on patient care and reimbursement, which makes it difficult to elevate IT and cybersecurity concerns from an afterthought to a budgetary priority.

If you’re a manages service provider for healthcare organizations or one of the few cybersecurity professionals working in healthcare, you need to stress the importance of investing in security solutions and gain buy-in from everyone at the top.


Zachary Comeau is the web editor for CS sister publication My Tech Decisions.

ADVERTISEMENT
ADVERTISEMENT
Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series
Strategy & Planning Series