The rapid fire spread of the WannaCry ransomware, which infected thousands of organizations globally, is one of the most significant cyberattacks in recent digital history. The impact was particularly damaging to the healthcare sector, with the UK’s National Health Service (NHS) being one of the first and most adversely affected victims, causing numerous patient services to be shut down, including emergency services. Though this type of cyberattack is one long forewarned by security professionals, in a recent B2B technology survey of 455 U.S.-based companies across nine vertical markets, ABI Research finds that healthcare respondents show the least concern regarding security out of all sectors surveyed.
“Cybersecurity within the healthcare sector has been traditionally poor, at best,” says Michela Menting, Research Director at ABI Research. “Most organizations limit themselves to box ticking exercises, as required under data protection legislation for patient privacy. A true understanding of the risks and the requirements of comprehensive, multi-layered cybersecurity implementation is sorely lacking. When ranking barriers to technology adoption, we find that 82% of healthcare respondents did not rank privacy and data protection as a concern, and 58% did not rank cybersecurity at all.”
For privacy and data protection, this high dismissal rate could be attributed to healthcare organizations’ complacency regarding existing data protection frameworks. The number of health records breached in the sector alone have numbered in the millions since 2010, and ransomware has been the bane of healthcare organizations, with more than 50% of global attacks targeting the sector in the past two years. “Belief that healthcare providers are experienced in data protection due to compliance with existing regulation can provide a false sense of security when faced with new technology adoption,” continues Menting.
Similarly, more than half of healthcare B2B technology survey respondents did not consider cybersecurity to be an obstacle. This inattention can be attributed to several factors: lack of specific cybersecurity legislation and guidance, belief that data protection regulation could address the problem, low awareness and limited understanding of risks, and the perceived unlikelihood of widespread cyberattacks.
“Complacency in risk mitigation is dangerous, as the WannaCry ransomware attack sadly revealed,” concludes Menting. “Healthcare organizations should treat cybersecurity as a living process, rather than as a static checklist, especially when considering new technology adoption. Connected medical devices and hospital equipment increasingly form part of care provisioning, and are highly vulnerable to cyberattacks. This is even more critical as basic IT cybersecurity seems to be dangerously unattended in the industry. Ransomware will continue to be a popular cyberattack, attracting an ever-growing number of malicious actors, keen to cash-in on the vulnerabilities riddling healthcare organizations.”
These findings are from ABI Research’s Industry Survey: Transformative Technology Adoption and Attitudes - Cybersecurity report.
About ABI Research
ABI Research is a global technology intelligence firm delivering actionable research and strategic guidance to technology leaders, innovators, and decision makers around the world. Our research focuses on the transformative technologies that are dramatically reshaping industries, economies, and workforces today.
ABI Research提供开创性的研究和战略指导，帮助客户了解日新月异的技术。 自1990年以来，我们已与全球数百个领先的技术品牌，尖端公司，具有远见的政府机构以及创新的贸易团体建立了合作关系。 我们帮助客户创造真实的业务成果。
For more information about ABI Research’s services, contact us at +1.516.624.2500 in the Americas, +44.203.326.0140 in Europe, +65.6592.0290 in Asia-Pacific, or visit www.abiresearch.com.
Asia: +65 6950.5670