The majority of healthcare organizations (75.7 percent) indicated experiencing a "significant security incident" in the past 12 months, according to the 2018 HIMSS Cybersecurity Survey.
For the survey, HIMSS — the Healthcare Information and Management Systems Society — asked 239 health information security professionals to weigh in on their experiences with and attitude toward cybersecurity in their respective organizations.
Here are three survey findings related to the organizations' recent security incidents.
1. Most respondents attributed recent security incidents to these three threat actors.
- Online scam artist: 37.6 percent
- Negligent insider: 20.8 percent
- Hacker: 20.1 percent
2. Most respondents cited these three targets as initial points of compromise during recent security incidents.
- Email: 61.9 percent
- Compromised organizational website: 3.2 percent
- Hardware or software infected with malware: 3.2 percent
3. Most respondents indicated their teams discovered the recent security incident within a week.
- Less than 24 hours: 47.1 percent
- One to two days: 13.2 percent
- Three to seven days: 7.4 percent
To access the 2018 HIMSS Cybersecurity Survey, click here.