Nearly half of all hospital executives said their hospital had to shut down because of a cyber incident in the last six months, according to an Aug. 12 Philips and CyberMDX report.
The report analyzes attitudes and concerns across hospital and healthcare organizations, according to an Aug. 12 news release on the study.
The report was conducted by Ipsos, on behalf of CyberMDX and Philips, and surveyed 130 hospital executives in IT and security roles, in addition to biomedical technicians and engineers.
Seven survey insights:
1. Nearly half of the hospital executives surveyed (48 percent) were forced to or proactively shut down in the last six months because of cyberattacks or queries.
2. For hospitals that experienced a shutdown, large hospitals were shut down for 6.2 hours on average, which cost them about $21,500 per hour. Midsize hospitals were shut down for 10 hours on average at $45,700 per hour.
3. Even though cyberattacks are a prominent threat to hospitals, 60 percent of hospital IT teams have other spending priorities. Less than 11 percent of respondents said cybersecurity is a high priority spend.
4. Most hospitals are unprotected against common vulnerabilities. Three in 4 respondents said their hospital was not protected against NotPetya, followed by 64 percent of respondents who said their hospital is unprotected against WannaCry and 52 percent of respondents who are unprotected against Bluekeep.
5. Fifteen percent of respondents from midsize hospitals and 13 percent of respondents from large hospitals said they have no way to determine the number of inactive or active devices within their network.
6. Two in 3 IT teams said they are adequately staffed for cybersecurity.
7. More than half of respondents (58 percent) said they have cyber insurance.