The Ponemon report says that the risk of ransomware is make or break

Nearly half (45%) of respondents to healthcare providers said ransomware attacks increased complications from medical procedures, according to a new study from the Ponemon Institute. This is up from 36% in 2021.

why does it matter

For the report,”The impact of ransomware on patient safety and the value of cybersecurity standardsSponsored by Censinet, Ponemon researchers surveyed 579 healthcare IT professionals at healthcare delivery organizations in the fourth quarter of 2022 in order to understand how ransomware continues to impact patient care, and to determine the value of cybersecurity standards in minimizing impacts.

Like the First study“The Impact of Ransomware on Healthcare During COVID-19 and Beyond,” Ponemon found that more than one in five respondents indicated that ransomware attacks had a negative impact on patient mortality rates.

The most widespread effect identified was an increase in the number of patients transferred or transferred to other facilities, according to 70% of those surveyed, up from 65% in the previous study.

More organizations have been hit by ransomware attacks, with the number growing due to weak cybersecurity controls and third-party technology vulnerabilities – and more of these organizations are paying the ransom.

Now, 67% of respondents, up from 60%, said their organizations paid, with average ransom payments increasing from $282,675 in 2021 to $352,541.

“The average duration of disruptions caused by ransomware attacks did not improve and could last more than a month (35 days),” the researchers said.

The new study also looked at normative factors in providing risk-mitigating resources, such as staffing investments that accommodate the higher levels of oversight needed to manage incremental growth. Third Party Risks and funding new cyber preparedness technologies.

“The cybersecurity benchmark provides valuable insights into how healthcare resources can be allocated to reduce ransomware risks and their potential impacts on patient care,” the researchers said in the report.

Benchmarking demonstrated the effectiveness of their cybersecurity framework, and compliance helped respondents establish cybersecurity program goals and more data-driven decision-making. They also found that it helped them respond to and recover from ransomware attacks.

“The findings in this year’s Ponemon report are unfortunately not surprising, as ransomware continues to shut down hospital operations and disrupt care at an alarming rate,” Ed Gaudit, CEO and founder of Censinet, said in a statement.

“This report highlights persistent threats while introducing new approaches to creating rigorous, robust, and ongoing patient protection cyber programs,” he said in a statement.

Censinet is also working on a separate benchmarking study of up to 100 participating healthcare organizations that will be released in 2023. We recently Talk to Judith About this work and other cyber security requirements.

The biggest trend

The US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency investigated and determined the relationship between intensive care bed use and excess deaths two, four and six weeks after the ransomware attack.

CISA warned, just over a year ago, that the An additional breed of ransomware attack And the excess deaths it is causing in an already reeling care-delivery system from the pandemic could have severe upstream effects.

“Analysis of these excess deaths plus deaths from COVID-19 reveals some interesting demographic segments — one of which is that one of the fastest growing groups impacted by these non-COVID-19 excess deaths from deteriorating and delayed care is 25- to 44-year-olds,” Josh explained. Corman, CISA Senior Advisor and Strategist.

Tell Healthcare Information Technology News Before a presentation on how the agency could support struggling healthcare organizations at the HIMSS Healthcare Cybersecurity Forum said the quality of healthcare infrastructure nationwide was degrading.

“Armed with high case rates and hospitalizations from the pandemic as a baseline, we were able to lean back and try to study this national experience of prolonged service disruption in hospitals,” he said.

The team asked, can the Internet [attacks] make it worse? And the answer is yes.”

On the record

“Our findings indicate that hospital IT/security personnel continue to believe that ransomware has a widespread and negative impact on patient care,” said Dr. Larry Ponemon, president and founder of the Ponemon Institute, in announcing the new report.

“With ransomware growing exponentially and most organizations under constant threat, this report also explores how peer standards improve the effectiveness of an HDO’s cybersecurity program, including decision-making, staffing, and resource allocation,” said Ponemon.

Andrea Fox is Senior Editor, Healthcare News for IT.
Email: afox@himss.org

Healthcare IT News is a HIMSS publication.

Leave a Reply

Your email address will not be published. Required fields are marked *