The Impact of Cybercrime: How Hackers are Harming Providers
We've talked about the high financial and reputational costs of a cybersecurity breach, but it’s important to also keep in mind the effect cybercrime has on the ability of healthcare organizations to provide the best patient care.
In a recent survey of 641 healthcare cybersecurity experts, researchers found that provider staff are recognizing the alarming negative impact that a cyberattack can have on day-to-day patient care.
The survey focused on four types of attacks in the healthcare industry: ransomware, business email compromise (BEC) attacks, cloud compromises, and supply chain attacks. As we’ve watched these types of attacks grow increasingly common, it may not come as a surprise that “nearly 90 percent of all survey respondents said that their organizations had experienced at least one cyberattack in the past 12 months.”
In no other industry can the aftereffects of a ransomware attack be as severe as in healthcare. 64% of the survey respondents shared that procedures and tests had been delayed, and 24% reported increased mortality rates. Even with such high stakes, more than 70% of the participants said that they believed their organization was vulnerable to ransomware.
Researchers also found that many providers are struggling due to a lack of in-house cybersecurity expertise, insufficient staffing, and a lack of understanding around cybersecurity and what it takes to protect themselves. These factors are leaving hospitals and clinics vulnerable to any of the four types of attacks listed above.
It’s for healthcare organizations to know the current state of cybercrime in their industry and to be aware of the dangers they face, and statistics like these can be useful when demonstrating the very real need for cybersecurity protections. That said, there is a bright side to this discussion.
Awareness of cybercrime in healthcare is growing, and more and more organizations are taking steps to protect themselves and their patients. Over 60% of the survey respondents shared that their organizations had implemented regular security training and awareness programs for employees. Others were prioritizing cloud security, access management tools, multi-factor authentication, and other critical cybersecurity pieces.
There is a building sense of urgency in the healthcare industry surrounding these attacks. As part of the Medcurity community, you've taken an active role in this space. The purpose of the Security Risk Analysis is to help providers avoid the aftereffects of a data breach. Our team at Medcurity is excited to be working with providers to better protect and care for their patients. You can contact us here.