TAMPA, Fla., Dec. 18, 2017 /PRNewswire/ -- A recent survey conducted by Black Book Research indicated the majority of healthcare provider and payer organizations are not taking cybersecurity seriously enough. Responses included 323 strategic decision makers from the US.
Black Book™ today announced key findings from a Q4 2017 survey that found that more than eight in ten provider organizations lack a reliable enterprise leader for cybersecurity, while only 11 percent plan to get a cybersecurity officer in 2018. When it comes to payers, 31 percent have an established manager for cybersecurity programs currently, with 44 percent planning to recruit a candidate in the new year.
Black Book revealed that the healthcare industry continues to underestimate security threats as attackers continue to seek data and monetary gain. "The low security posture of most healthcare organizations may prove a target demographic for which these attacks are successful," said Doug Brown, Managing Partner of Black Book.
The survey also advised on the hesitation of healthcare provider organizations in adopting the best practices for cybersecurity. 54 percent of respondents admitted they do not conduct regular risk assessments, while 39 percent don't carry out regular penetration testing on their firewalls. "These results may not be all that surprising, however, considering some of the new solution providers are offering passive monitoring for their networks and the upfront costs have been dramatically slashed," said Brown.
However, 92 percent of the C-suite officers surveyed state that cybersecurity and the threat of data breach are still not major talking points with their board of directors.
"Cybersecurity has to be a top-down strategic initiative as it's far too difficult for IT security teams to achieve their goals without the board leading the charge," said Brown. 15 percent of all healthcare organizations responding to the survey claim to be taking cybersecurity seriously by having a chief information security officer (CISO) in charge now.
For attackers looking to steal valuable data with minimal effort, the healthcare industry is a prime target. "The critical role of medical facilities, combined with poor security practices and lack of resources, make them vulnerable to financially and politically motivated attacks," said Brown.
89 percent of respondents reported in 2018, budgeted IT funds are dedicated toward primarily business functions with provable business cases and only a small fraction is being allocated to cybersecurity.
About Black Book
Black Book™, well-known internationally for accurate, impartial customer satisfaction surveys in the services and software industries, conducted its ongoing managed services, consulting and software/technology user polls to determine the highest ranked client experience vendors for 2018. As part of a special research focus on hospital, healthcare networks and corporate users, Black Book surveyed the clients of cybersecurity vendors as well as those that have not implemented any programs, software or outsourced services to date.
Black Book™, its founders, management and staff do not own or hold any financial interest in any of the vendors covered and encompassed in the surveys it conducts. Black Book reports the results of the collected satisfaction and client experience rankings in publication and to media prior to vendor notification of rating results and does not solicit vendor participation fees, review fees, inclusion or briefing charges, and/or vendor collaboration as Black Book polls vendors' clients.
Since 2000, Black Book™ has polled vendor satisfaction across over thirty industries in the software and services sectors around the globe. Black Book polls the client experience of over 620,000 current healthcare software and managed services users. Black Book expanded its survey prowess and reputation of independent, unbiased crowdsourced surveying to IT and health records professionals, physician practice administrators, nurses, financial leaders, executives and hospital information technology managers.