CynergisTek releases 2018 report on cybersecurity findings in healthcare

March 8, 2018

CynergisTek announced the release of its annual report, “Improving Readiness: Meeting Cyber Threats.” The report focuses on a key question that many boards and executives are asking today, “How ready are we for a cyber event?” It provides a sobering analysis of how healthcare organizations measured against the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF), which outlines best practices for healthcare organizations to follow to manage risks associated with cybersecurity.

CynergisTek’s 2018 report aggregated ratings from assessments performed in 2017 at hundreds of individual hospitals, clinics, ancillary facilities, payers, business associates, etc., across the nation to reveal an average 45% conformance with NIST CSF controls.

Furthermore, the report revealed that most organizations have opportunities for improvement in all five areas of the Core Elements of the framework, including the ability to identify, protect, detect, respond, and recover from a variety of cybersecurity incidents. These results highlight the growing need for healthcare organizations to make serious investments in cybersecurity readiness, as cybersecurity has become one of the top business risks facing healthcare today.

Additional findings and information from the Improving Readiness: Meeting Cyber Threats report include:

  • Of all organization types, business associates scored the highest overall conformance
  • Out of the five core elements of NIST CSF, organizations had the lowest ratings in detecting potential cybersecurity events
  • The highest ratings were in the Core Elements of response and recovery
  • Academic medical centers had the highest conformance ratings among provider organizations
  • Not surprisingly, larger organizations performed significantly better, across-the-board, than smaller organizations
  • Revenue is a less consistent predictor of CSF conformance across all Core Elements
  • More organizations are beginning to treat cyber events as enterprise risks
  • Machine learning and behavioral analytics will play a significant role in helping healthcare organizations improve incident detection
  • Printers, as endpoint devices, present multiple risks to health information
  • Adoption of the NIST CSF can raise the overall level of preparedness and resilience of healthcare organizations

The report also includes expertise and analysis from CynergisTek’s executive thought leaders, as well as proven best practices for strengthening privacy and security controls at healthcare organizations.

To learn more about the findings of this report, stop by booth #5060 at HIMSS18.

CynergisTek has the full report

Sponsored Recommendations

Enhancing Remote Radiology: How Zero Trust Access Revolutionizes Healthcare Connectivity

This content details how a cloud-enabled zero trust architecture ensures high performance, compliance, and scalability, overcoming the limitations of traditional VPN solutions...

Spotlight on Artificial Intelligence

Unlock the potential of AI in our latest series. Discover how AI is revolutionizing clinical decision support, improving workflow efficiency, and transforming medical documentation...

Beyond the VPN: Zero Trust Access for a Healthcare Hybrid Work Environment

This whitepaper explores how a cloud-enabled zero trust architecture ensures secure, least privileged access to applications, meeting regulatory requirements and enhancing user...

Enhancing Remote Radiology: How Zero Trust Access Revolutionizes Healthcare Connectivity

This content details how a cloud-enabled zero trust architecture ensures high performance, compliance, and scalability, overcoming the limitations of traditional VPN solutions...