Survey shows that healthcare organizations are falling behind when it comes to prioritizing cybersecurity.
Richard Thurston
By not prioritizing the threat of cyberattack, healthcare companies are failing to make necessary progress, according to a new report.
NTT Security’s 2019 Risk:Value report was compiled through a survey, where NTT Security queried over of 2,200 senior level IT executives covering 17 industry sectors in 20 countries across five continents-a global scan of where organizations stand in terms of their cybersecurity threat awareness, readiness and prioritization. Healthcare was one of the key sectors researched, with nearly 200 senior managers interviewed from healthcare organizations.
Across the board, there is clear-cut evidence which shows three mitigating factors of failure:
1. Lack of cybersecurity investment
2. Poor knowledge of compliance issues
3. Continued failure to secure critical data.
“This is a time when organizations should be getting smarter about cybersecurity and we’re not seeing that based on the survey results,” says Richard Thurston, global markets insight manager at NTT Security.
The basic findings show a few startling statistics, according to Thurston, such as how half of respondents (48%) think their organization’s critical data is secure enough-“it isn’t,” he says. Thirty-three percent think a security breach will never happen-and the same percentage would actually pay a ransom to recover data. And cybersecurity risk has risen sharply-reported data vulnerabilities were over 16,000 this year, up from 6,400 in 2018.
Related: HHS’ New Cybersecurity Practices: 5 Things to Know
While the U.S. performs second-best in the world for cybersecurity, according to Risk:Value, healthcare organizations’ performance is rated average-far behind the financial services sector, which leads all industries.
Other unique findings
• 78% of private healthcare organizations believe information stolen in a security breach would result in loss of customer confidence and/or damage to the brands reputation. “This is the highest percentage of any sector,” Thurston says. “The next highest percentage is 75% from the Wholesale sector.”
• 50% of public healthcare organizations claim they have never suffered a data breach.
• 85% of private healthcare organizations and-87% of public healthcare organizations believe it’s vital to continually invest in cybersecurity
In this latest episode of Tuning In to the C-Suite podcast, Briana Contreras, an editor with MHE had the pleasure of meeting Loren McCaghy, director of consulting, health and consumer engagement and product insight at Accenture, to discuss the organization's latest report on U.S. consumers switching healthcare providers and insurance payers.
Listen
In our latest "Meet the Board" podcast episode, Managed Healthcare Executive Editors caught up with editorial advisory board member, Eric Hunter, CEO of CareOregon, to discuss a number of topics, one including the merger that never closed with SCAN Health Plan due to local opposition from Oregonians.
Listen