69% of healthcare organizations don't have an incident response plan for cyberattacks, survey finds

Jessica Kim Cohen -

The majority of healthcare security and IT professionals — 69 percent — indicated their organization does not have a cybersecurity incident response plan that is consistently applied across the entire enterprise, according to a survey sponsored by IBM Resilient.

IBM Resilient tapped the Ponemon Institute to conduct its third annual global study on cyber resilience, or "an organization's ability to maintain its core purpose and integrity in the face of cyberattacks," according to a March 14 statement from IBM.

For the survey, the Ponemon Institute asked 2,800-plus security and IT professionals from 18 industries — including healthcare — about their experiences with and attitudes toward recovering from a cyberattack.

Here are four survey insights about cyber resilience in healthcare.

1. Sixty-one percent of healthcare industry respondents said they had experienced a cybersecurity incident that resulted in significant disruption to their organization's IT or business processes within the past two years.

2. Sixty-one percent of healthcare industry respondents indicated a lack of investment in emerging technologies — such as artificial intelligence — as one of the biggest barriers to their organization's ability to achieve cyber resilience.

3. One-quarter of healthcare industry respondents reported their organizations' IT security staffing was sufficient to meet a high level of cyber resilience.

4. However, 72 percent of respondents indicated their organization is more cyber resilient in 2017 than the year prior. Fifty-three percent rated their organizations' cyber resilience as "high" or "very high."

To access IBM Resilient's survey, click here.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.