Omega Systems, a leading provider of managed IT and security services, has officially published the results from its new research, which was structured to expose the growing impact of cybersecurity challenges on leading healthcare organizations and patient safety.
Going by the available details, the stated report found 19% of healthcare leaders saying that a cyberattack has already disrupted patient care, whereas on the other hand, more than half (52%) said they believe a fatal cyber-related incident is inevitable within the next five years.
More on Omega’s survey would reveal how more than 80% of healthcare organizations were targeted by at least one cyberattack. Out of that, social engineering attacks (48%) and ransomware (34%) would top the list.
Moving on, more than 1 in 4 organizations reported that at least half of their sensitive patient data was at risk due to cyberattacks, but despite that being the case, many teams admitted to continued reliance on outdated infrastructure, manual processes, and limited in-house staffing to defend against modern threats.
“Healthcare is one of the most frequently targeted industries by cybercriminals – and not surprisingly given the sensitive data they manage. Unfortunately, growing gaps in cyber risk management are resulting in real-world consequences for patients and major setbacks for organizations,” said Mike Fuhrman, CEO, Omega Systems. “The data shows that although leaders don’t report cybersecurity as a top challenge, it’s directly impacting their highest priorities – from patient safety to regulatory compliance. This disconnect is a growing risk across the healthcare industry that needs to be addressed with better visibility, readiness, and resources.”
Talk about the given lowdown on a slightly deeper level, we begin from the fact that overall confidence in cyber readiness doesn’t match the reality. This translates to how, even though an estimated 80% of healthcare leaders are confident in their teams’ ability to stop AI-powered cyberattacks, nearly a third of companies don’t regularly train their employees on how to respond to cyber threats, and only 53% actually run phishing simulations.
Beyond that, nearly 1 in 5 were deemed to lack a current or effective incident response plan, whereas on the other hand, almost 25% acknowledge it could take up to a month to detect and contain a data breach, with some sectors like life sciences taking even longer.
Next up, well over half (56%) of leaders said outdated infrastructure would significantly delay breach recovery, and 36% admit their current cybersecurity tools cannot protect cloud-based patient data. In case that wasn’t enough, most respondents revealed they are yet to adopt advanced security tools like next-gen EDR with moving threat defense, while more than a third (34%) don’t even know what data is at risk across their network, making proactive defense nearly impossible.
Another detail worth a mention is rooted in how almost two-thirds of healthcare organizations maintain an in-house IT or cybersecurity team, but at the same time, 23% say they are understaffed. As a result, in the event of a cyberattack, 1 in 5 companies believe recovery would be delayed because they lack experienced in-house staff or access to a 24×7 security operations team.
Rounding up highlights would be the pressure of compliance. This stems from how nearly 54% of companies still rely on manual in-house processes to handle compliance management. 60% say staying current with regulations is their top challenge, and 57% organizations lack the time and resources to meet stringent requirements.
Among other things, it must be acknowledged that, even with all the risk in play, 55% of healthcare organizations are not currently partnered with a Managed Security Service Provider (MSSP) for added expertise and support.
Making matters worse is a piece of data claiming, when asked about challenges hindering their business, leaders had cybersecurity ranked last (33%), behind other priorities like rising operational costs (53%), maintaining compliance (52%), and protecting patient data (40%).
“Healthcare teams are under immense pressure, and internal resources alone aren’t enough to stay ahead of today’s threats,” said Fuhrman. “Leading organizations are leveraging MSSPs to gain a competitive advantage through advanced tools, continuous monitoring, and regulatory expertise for a new level of security. The end result is bottom-line protection in the healthcare sector.”