In 2024, the percentage of healthcare organizations paying ransomware demands decreased to 36%, down from 40% in 2023. However, those that did comply faced steeper costs, an Oct. 8 survey from Proofpoint and Ponemon Institute found.
The survey contains insights from 648 information technology and security practitioners in U.S. healthcare organizations. Proofpoint is a cybersecurity and compliance company and Ponemon Institute is a IT security research organization.
Here are six findings from the survey:
- The average ransom rose by 10% to $1,099,200, compared to $995,450 in 2023.
- Worries surrounding insecure mobile health applications have escalated, positioning them as the top cybersecurity threat in the healthcare sector. In 2024, 59% of respondents identified this issue, a notable increase from 51% in 2023.
- Cloud and account compromises ranked as the second most pressing concern, affecting 55% of participants.
- Meanwhile, text messaging emerged as the most frequently targeted collaboration tool, with 61% reporting attacks, closely followed by email at 59%.
- Fifty-five percent of respondents identified the absence of in-house expertise as a key obstacle to enhancing their organizations' cybersecurity defenses. However, worries about unclear leadership have increased, jumping from just 14% in 2023 to 49% in 2024. Meanwhile, the proportion of respondents citing budget limitations as a hurdle has decreased from 47% in 2023 to 40% in 2024.
- Fifty-four percent of respondents said they have integrated AI into their operations, with 28% utilizing the technology specifically for cybersecurity and 26% employing it for both cybersecurity and patient care. Fifty-seven percent of these individuals said they consider AI to be highly effective in enhancing their organizations' cybersecurity posture.