84% of healthcare organizations don't have a cybersecurity leader: 5 things to know

Julie Spitzer - Print  | 

The majority (84 percent) of healthcare provider organizations don't have an enterprise leader in cybersecurity, and only 11 percent plan to hire a cybersecurity officer in 2018, according to a recent Black Book survey.

Black Book fielded responses from 323 strategic decision makers in healthcare provider and payer organizations around the U.S. for its 2017 fourth quarter survey.

Here are five survey insights.

1. Only 15 percent of respondents claim to be taking cybersecurity seriously by employing a chief information security officer.

2. Just 31 percent of payers have an established manager for cybersecurity programs, but 44 percent plan to recruit a candidate in 2018.

3. Fifty-four percent of respondents said their organizations don't conduct regular risk assessments, while 39 percent of respondents said their organizations don't carry out regular penetration testing on their firewalls.

4. Nearly every C-suite officer (92 percent) surveyed reported that cybersecurity and the threat of a data breach are still not major talking points among their board of directors.

5. Almost every (89 percent) respondent said that, in 2018, budgeted IT funds will be dedicated toward business functions with provable business cases, leaving just a small fraction to cybersecurity.

More articles on cybersecurity:

US says North Korea directly responsible for WannaCry

9 HIPAA settlement fines in 2017

500 computers at California county behavioral health department comprised during ransomware attack

© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

To receive the latest hospital and health system business and legal news and analysis from Becker's Hospital Review, sign-up for the free Becker's Hospital Review E-weekly by clicking here.