Healthcare organizations' cybersecurity becoming more fragile amid pandemic: 7 key stats

About a third of healthcare organizations experienced a ransomware attack during the pandemic's early months, according to software company Netwrix's "2020 Cyber Threats Report." 

Netwrix surveyed 937 IT professionals in June to gain insights about how the pandemic and its resulting shift to work-from-home models changed healthcare's IT risk environment.

Seven key findings from the report:

  1. Thirty-two percent of respondents said their organization experienced a ransomware attack during the pandemic's first few months (before the survey was conducted).

  2. Thirty-seven percent of respondents said their healthcare organization experienced a phishing incident, and 39 percent said they experienced an IT staff error. Thirty-seven percent reported there was an improper data sharing incident at their organization.

  3. Twenty-six percent of respondents reported data theft by employees, and 49 percent of them were unaware of the incident for weeks or months.

  4. No respondents reported being able to discover improper data sharing in minutes. Twenty-six percent needed hours, and 74 percent needed days, weeks or months to discover the incident.

  5. Eight in every 10 healthcare organizations regularly report on the state of their cybersecurity to executive management, but 47 percent reported feeling this takes too much time and effort.

  6. Respondents' pre-pandemic cybersecurity concerns were about employees accidently sharing sensitive data (88 percent) and rogue admins (80 percent), which shifted to phishing (87 percent), administrative mistakes (71 percent) and data theft by employees (71 percent) after the pandemic began.

  7. Just 25 percent of respondents reported feeling concerned about supply chain compromise as a top security threat, down from 75 percent last year.

More articles on cybersecurity:
The 10 healthcare organizations most affected by cyberattacks in 2020
Microsoft disrupts ransomware distributor with ties to Ryuk: 5 notes
New York practice to pay $100K for violating HIPAA Right of Access rule

© Copyright ASC COMMUNICATIONS 2020. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.