Cyber Insecurity in Healthcare: The Cost and Impact on Patient Safety and Care
overlay-image
New Ponemon Report

Cyber Insecurity in Healthcare:
The Cost and Impact on Patient Safety and Care

Download the report

Cyber Insecurity in Healthcare:
The Cost and Impact on Patient Safety
and Care

Healthcare IT and security professionals have spoken. Ponemon listened. In this study sponsored by Proofpoint, Ponemon surveyed 641 people responsible for security strategies – including setting IT cybersecurity priorities, managing budgets and selecting vendors and contractors. The goal was to understand the cybersecurity threats targeting healthcare organizations and the cost of responding to attacks that can endanger patient safety and care delivery. The results are truly eye opening.

Download the full report

Cyber Insecurity in Healthcare:
The Cost and Impact on Patient Safety and Care

Download the report

The impact of cyber attacks on patient safety and care delivery

Ponemon analyzed four types of cyber attacks in this report: cloud compromise, ransomware, supply chain and BEC.

Cloud compromise

Fifty-four percent of surveyed healthcare organizations experienced at least one cloud compromise and 64% of those affected noted an impact to patient care. Consequences included an increase in complications from medical procedures (51%), longer length of stay (50%) and increase in mortality rates (18%).

Ransomware

A ransomware attack hit 41% of surveyed healthcare organizations and 67% of those affected by ransomware noted an impact to patient care. Consequences included poor outcomes because of procedure or test delays (64%), longer length of stay (59%), and a rise in mortality rates (24%).

Supply chain attacks

Fifty percent of respondents say their organization experienced at least one attack against their supply chain and 70% of those affected noted an impact to patient care. Consequences included poor outcomes because of procedure or test delays (54%), longer length of stay (51%) and a rise in mortality rates (23%).

Business Email Compromise (BEC)

Fifty-one percent of surveyed healthcare organizations experienced a BEC attack and 67% of those affected noted an impact to patient care. Consequences included poor outcomes because of procedure or test delays (60%), increase in complications from medical procedures (51%), and a rise in mortality rates (21%).

Major Findings:

Eighty-nine percent of organizations surveyed experienced at least one cyber attack in the past 12 months
0
Eighty-nine percent of organizations surveyed experienced at least one cyber attack in the past 12 months.
Average total cost for the most expensive cyber attack: $4.4M
0
Average total cost for the most expensive cyber attack: $4.4M
Seventy-two percent believe they are vulnerable to a ransomware attack
0
Seventy-two percent believe they are vulnerable to a ransomware attack.
At an average cost of $1.1 million, lost productivity was the most significant financial consequence from a cyber attack
0
At an average cost of $1.1 million, lost productivity was the most significant financial consequence from a cyber attack.
Half of the respondents say their organization had an attack on their supply chain in the past two years
0
Half of the respondents say their organization had an attack on their supply chain in the past two years.
Organizations that had a cloud compromise (54% of respondents) experienced an average of 22 such compromises
0
Organizations that had a cloud compromise (54% of respondents) experienced an average of 22 such compromises.
Sixty-seven percent said cloud, mobile, big data and IoT Technologies increase risks to patient information and safety
0
Sixty-seven percent said cloud, mobile, big data and IoT technologies increase risks to patient information and safety.
Fifty-three percent say their organizations lack in-house cybersecurity expertise
0
Fifty-three percent say their organizations lack in-house cybersecurity expertise.
The Human Factor Report

This report highlights how a cyber event often adversely impacts patient safety, and, therefore, the importance of a robust security strategy for healthcare to meet its mission.

Ryan Witt, Industries Solutions and Strategy Leader, Proofpoint

Proofpoint helped improve our posture and hardening for BEC attacks as previously we did not have a DMARC setting. BEC attacks targeting our brand are significantly more visible now.

Gary Gooden, Chief Technology and Security Officer, Seattle Children’s See customer success story

Email is our number one threat vector. That is no secret. Proofpoint does a phenomenal job of reducing that inbound email attack surface. And then if something gets through, it’s a great incident response department.

Chase Franzen, Vice President and Chief Information Security Officer, Sharp HealthCare Read more

Proofpoint solutions for healthcare

See how we help healthcare organizations combat advanced threats, safeguard patient data, and modernize compliance.

Learn more