At hospitals and health systems, cyberattack costs and patient care disruptions were up in 2023, according to an Oct. 11 report.
Here are nine things to know from the second-annual healthcare cybersecurity survey from cybersecurity firm Proofpoint and the Ponemon Institute, an IT research group. They surveyed 653 health IT and cybersecurity professionals.
1. Eighty-eight percent of surveyed organizations experienced an average of 40 cyberattacks in the past 12 months.
2. The average cost of a cyberattack was $5 million, a 13% jump from the previous year.
3. The most expensive cost was for disruptions to normal healthcare operations, at an average of $1.3 million, a 30% increase.
4. Among organizations that experienced one of the four most common types of cyberattacks, 57% reported poor patient outcomes from delays in procedures and tests, 50% reported an increase in surgical complications, and 23% had increased patient mortality rates.
5. Fifty-four percent of organizations experienced a ransomware attack in 2023, up from 41% in 2022.
6. Forty percent of organizations paid ransom in 2023, down from 51% in 2022.
7. The average ransom payment increased nearly 30%, to $995,450.
8. The two biggest cybersecurity challenges were lack of expertise (58%) and insufficient staffing (50%).
9. The cyberthreat that concerns health IT professionals the most is a cloud compromise (68%).