Friday, December 9, 2022
Home HEALTH Hotline between hospital cyberattacks and patient mortality, report shows

Hotline between hospital cyberattacks and patient mortality, report shows

A new cybersecurity report this week had some sobering statistics that illustrate just how common network attacks have become in healthcare.

The survey, which polled more than 640 IT and security leaders, found that 89% of organizations surveyed experienced an average of 43 attacks in the past year, averaging almost one attack per week.

Worse yet, the Ponemon Institute to studysponsored by Proofpoint, also found that cyber incursions now routinely impact patient safety in US hospitals and healthcare systems.

The report, “Cyber ​​Insecurity in Healthcare: The Cost and Impact on Safety and Patient Care,” showed respondents that cyberattacks routinely delay procedures and tests, with 57% saying that Patient outcomes are poor with 50% citing major complications from medical procedures

Perhaps the most alarming statistic was this: Of health systems that experienced the four most common types of cyberattacks, 20% said they subsequently experienced an increase in patient mortality rates.

Ponemon defines the four most common exploits as ransomware, cloud compromise, supply chain disruption, and phishing.

Unsurprisingly, the type of attack most likely to negatively impact care delivery is ransomware, with attacks typically leading to delays in procedures or tests (64% of respondents) and longer patient stays ( 59%).

Nearly three-quarters (72%) of respondents said organizations are vulnerable to a ransomware attack, with 60% saying it was a top concern, with a similar percentage reporting efforts to improve prevention and response.

When it comes to cloud compromise, more than half (54%) of respondents said their organizations had experienced at least one incident in the past two years. Of that group, organizations experienced an average of 22 such engagements in the past two years. Some 63% said they had taken steps to prepare for and respond to these attacks.

But while 71% of participants said they felt vulnerable to supply chain attacks, and 64% felt at risk of business email compromise and phishing, only 44% and 48%, respectively, have a documented response plan for those risks.

The report also highlights ongoing concerns with IoT, with hospitals and health systems deploying an average of more than 26,000 network-connected devices. But while 64% of respondents said they are concerned about device security, only 51% include it in their cybersecurity strategy, according to the study.

(Those connected medical device statistics echo similar numbers in another recent report by the Ponemon Institute.)

Some other statistics from the report:

  • 63% of respondents conduct regular training and awareness programs for employees.

  • 59% monitor their employees’ actions and use of technology

  • 53% of respondents said a lack of in-house cybersecurity expertise is a challenge

  • 46% said they are understaffed overall, which affects their cybersecurity readiness.

This despite the fact that, beyond the risk to patient safety, there are significant economic interests. The costliest healthcare cyberattack cost an average of $4.4 million in the last 12 months, according to the study, including $1.1 million in lost productivity.

IT and information security leaders from major US healthcare systems recognize the stakes. At HIMSS22 last March, chief information security officers discussed the patient safety risks of this tense threat landscape.

“We’ve gone beyond data — it’s not just about privacy and confidentiality anymore,” said Erik Decker, CISO at Intermountain Healthcare. “Cybersecurity is patient safety. Downtime means delayed care, and delayed care means patient safety. That’s our charge.”

That has been the case for some time. But as this report shows, and recent real-world cases of patient deaths linked to ransomware attacks emphasize, the risks have only increased for hospital security.

“The attacks we analyzed put significant pressure on the resources of healthcare organizations,” Larry Ponemon, president and founder of the Ponemon Institute, said in a statement. “Its result is not only a tremendous cost, but also a direct impact on patient care, putting people’s safety and well-being at risk.”

“Healthcare has traditionally lagged behind other sectors in addressing vulnerabilities from the growing number of cybersecurity attacks, and this inaction has a direct negative impact on the safety and well-being of patients,” said Ryan Witt, Cybersecurity Lead. healthcare provider at Proofpoint, in a statement.

“As long as cybersecurity remains a low priority, health care providers will continue to put their patients at risk,” he added. “To avoid devastating consequences, healthcare organizations must understand how cybersecurity affects their patient care and take steps toward better preparedness that protects people and defends data.”

Twitter: @MikeMiliardHITN
Email the writer:

Healthcare IT News is published by HIMSS.


US outlines plan for long-term baby formula imports

WASHINGTON-- US regulators on Friday unveiled their plan to allow foreign baby formula makers to stay in the market long-term, an effort to diversify...

Skin and breast cancer patients in England have the worst waiting time to see a specialist | Cancer

Patients with suspected skin and breast cancer have seen the largest increase in wait times of all those referred urgently to a cancer specialist,...

‘House of the Dragon’ Episode 7 Recap: What Happened?

For now, one thing is clear: HBO has become house of the dragon in a structural imitation of another of his successful series. house...


Please enter your comment!
Please enter your name here

- Advertisment -

Most Popular

Google’s Pixel 6a is cheaper than ever right now

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links....

5 pitfalls to avoid when moving to the cloud

A few years ago, cloud computing was considered a luxury, an option that would give companies greater access to resources, lower overhead costs, and...

Nobel Prize in medicine awarded for research on evolution

STOCKHOLM -- This year's Nobel Prize in Physiology or Medicine has been awarded to Swedish scientist Svante Paabo for his discoveries about human evolution.Thomas...

Horizon Zero Dawn Remastered For PS5 And Multiplayer Game Is In Development

A PS5 remaster of Horizon Zero Dawn is currently in development alongside a new multiplayer game in the series, according to a new leak.Horizon...