Proofpoint and Ponemon Institute Release Third Annual Healthcare Cybersecurity Survey

The survey found that 92 percent of organizations surveyed experienced at least one cyberattack in the past 12 months.

By HFT Staff


Proofpoint, Inc., a cybersecurity and compliance company, and Ponemon Institute, an IT security research organization, released the results of their third annual survey on the effects of cybersecurity in healthcare. The report, “Cyber Insecurity in Healthcare: The Cost and Impact on Patient Safety and Care 2024,” finds that 92 percent of healthcare organizations surveyed experienced at least one cyberattack in the past 12 months, an increase from 88 percent in 2023, with 69 percent reporting disruption to patient care as a result. 

Among the organizations that suffered the four most common types of attacks – cloud compromise, ransomware, supply chain and business email compromise (BEC) – 56 percent reported poor patient outcomes due to delays in procedures and tests, 53 percent saw an increase in medical procedure complications, and 28 percent say patient mortality rates increased—an increase of five percentage points over last year. These findings indicate that healthcare organizations continue to struggle with mitigating the risks these attacks pose to patient safety and well-being. 

The report, which surveyed 648 information technology and security practitioners in United States healthcare organizations, found that supply chain attacks are most likely to affect patient care. More than two-thirds (68 percent) of respondents said their organizations had an attack against their supply chains, of which 82 percent said it disrupted patient care, an increase from 77 percent in 2023. BEC leads the group of attacks most likely to result in poor outcomes due to delayed procedures and tests (69 percent), followed by ransomware (61 percent), which was also most likely to result in longer lengths of stay (58 percent) and increase in patients diverted or transferred to other facilities (52 percent). 

“Our third annual report was conducted to determine if the healthcare industry is making progress in reducing human-centric cybersecurity risks and disruptions to patient care,” says Larry Ponemon, chairman and founder of the Ponemon Institute. “For the third consecutive year, we found that the four types of analyzed attacks show a direct negative impact on patient safety and wellbeing. The good news, however, is the healthcare industry seems to increasingly recognize the importance cybersecurity plays in patient outcomes; on average, IT budgets have increased, and fewer IT practitioners indicate that budget is a challenge in keeping their organization’s cybersecurity posture from being fully effective.” 



October 10, 2024


Topic Area: Information Technology , Security


Recent Posts

Frederick Health Hospital Faces 5 Lawsuits Following Ransomware Attack

The lawsuits accuse FHH of inadequate cybersecurity, poor breach notification, and failing to protect patients from identity theft risks.


Arkansas Methodist Medical Center and Baptist Memorial Health Care to Merge

They have signed a non-binding letter of intent to complete a shared mission agreement to merge the two organizations.


Ground Broken on Intermountain Saratoga Springs Multi-Specialty Clinic

The clinic is scheduled to open and start seeing patients in the fall of 2026.


Electrical Fire Tests Resilience of Massachusetts Hospital

Signature Healthcare Brockton Hospital used opportunity to renovate key systems and components and expand facility operations.


Bomb Threat Alleged at Illinois Hospital

The alleged suspect was taken into police custody, and the threat was determined to be unfounded.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.