One Article Review
| Source |  ProofPoint |
|---|---|
| Identifiant | 8594120 |
| Date de publication | 2024-10-08 20:43:58 (vue: 2024-10-08 09:17:12) |
| Titre | Le nouveau rapport Ponemon montre que la conscience des cyber-risques pour les organisations de soins de santé ne se traduit pas toujours par des protections adéquates New Ponemon Report Shows Awareness of Cyber Risks to Healthcare Organizations is not Always Translating to Adequate Protections |
| Texte | Despite growing awareness and widespread acknowledgment of the impact of cyber threats facing the healthcare industry, many within it are still struggling to keep them at bay. Recent years have seen providers and other healthcare institutions at the mercy of nation-state hackers and opportunistic cyber criminals. As well as hammering bottom lines, such attacks have eroded trust and, at times, put lives at risk. The third annual Ponemon Institute Report, commissioned by Proofpoint, found that 92% of US healthcare organizations surveyed experienced at least one cyber attack in the past 12 month, with almost 70% reporting disruption to patient care due to cyber attacks. Among the organizations that suffered the four most common types of attacks, cloud compromise, ransomware, supply chain, and business email compromise (BEC): 56% reported poor patient outcomes due to delays in procedures and tests 53% saw an increase in medical procedure complications 28% say patient mortality rates increased Unfortunately, this year\'s report confirms an inconvenient truth for the healthcare sector: awareness does not always translate into preparedness. It\'s clearer than ever: cyber risk is patient risk… While any attack that impedes a healthcare provider\'s ability to deliver care is clearly harmful to patients, several threats stand out as causing the most disruption. Supply chain attacks lead the way. Among the 648 information technology and security practitioners surveyed, 68% of respondents said their organizations had an attack against their supply chains in the past two years. A concerning 82% said it disrupted patient care, an increase from 77% in 2023. Meanwhile, BEC is most likely to result in poor patient outcomes due to delayed procedures, closely followed by ransomware. The latter is also most likely to lead to longer stays in healthcare centers as well as an increase in patients diverted to other facilities. Despite the severe impact of ransomware on healthcare institutions, just over half (54%) believe they are vulnerable or highly vulnerable to ransomware attacks, down from 64% last year. While this confidence may be due, in part, to a decline in the number of organizations paying ransoms, security teams should take note that payment values are on the up. In 2024, the average ransom payment was $1,099,200 compared to $995,450 the previous year. Another difficult consideration for the healthcare industry is that its people, whether intentionally or not, are putting patients at risk. Some 92% of organizations suffered a data loss incident at least twice in the past two years. Around half impacted patient care, and of those, 50% experienced increased mortality rates and 37% saw poorer outcomes due to delays to procedures or tests. On average, surveyed organizations experienced 20 data loss and exfiltration incidents in the past two years with employees the root cause. Not following security policies (31%), accidental data loss (26%), staff sending sensitive information to unintended recipients (21%) were the top three culprits. …so cyber safety is patient safety It may once have been dismissed or diminished as hyperbole. But the stats speak for themselves – the behavior of your people can put your patients at risk. The upside, however, is that good security habits go a long way to keeping them safe. Even simple behaviors like setting strong passwords, adhering to device policies and avoiding malicious links and attachments can protect healthcare organizations, and those they care for, from significant disruption. Or worse. Unfortunately, while increasing numbers of organizations say they are educating their staff on security risks, many programs are falling short. Over two-thirds (71%) say they take steps to address the risk of employees\' lack of awareness about cybersecurity threats (up from 65% in 202 |
| Notes | ★★★ |
| Envoyé | Oui |
| Condensat | $995 099 200 2023 2024 450 648 : ability about accidental acknowledgment actions address adequate adhering against almost also always among annual another any are around attachments attack attacks average avoiding awareness bay bec been behavior behaviors believe bottom business but can care cause causing centers chain chains clearer clearly click closely cloud commissioned common compared complications compromise concerning conduct confidence confirms consequences consideration context cost count criminals culprits cyber cybersecurity data decline delayed delays deliver despite devastating device difficult diminished dismissed disrupted disruption diverted does down download due educating education effective efficiently email embedded employees equip eroded errant even ever: every everything exfiltration experienced facilities facing falling findings followed following found four from good growing habits hackers had half hammering harmful has have healthcare healthcare: highly however hyperbole impact impacted impedes improve improving incident incidents inconvenient increase increased increased increasing industry information initiatives insecurity insider institute institutions intentionally its just keep keeping lack last latest latter lead learn least leave level like likely lines links little lives long longer loss magnitude malicious many may meanwhile medical member mercy minor month more more mortality most must nation new not note number numbers once one ongoing open opportunistic organizations other out outcomes over part passwords past patient patients paying payment people policies ponemon poor poorer posture potentially power practitioners preparedness previous procedure procedures programs proofpoint protect protections provider providers put putting ransom ransoms ransomware rates recent recipients regular report reported reporting respondents result risk risks risk… root safe safety safety said saw say sector: security seen sending sensitive setting several severe short should shows significant simple skills some speak staff stand state stats stays steps strong struggling such suffered supplement supply surveyed tackle take targeted task teams technology tests tests than them themselves third thirds those threats three times tools top training translate translating trust truth turning twice two types ultimately understand unfortunately unintended upside values very vulnerable want way well whether widespread within without worse year years yet your …so |
| Tags | Ransomware Tool Medical Cloud |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.