According to a new study from the Ponemon Institute, nearly half of healthcare providers polled (45%) said ransomware attacks increase complications from medical procedures. economic. This is up from 36% in 2021.
WHY IT IMPORTANT
For the “Ranware Impact on Patient Safety and Value of Cybersecurity Benchmarking” report sponsored by Censinet, Ponemon researchers surveyed 579 healthcare IT professionals. health care providers in Q4 2022 to understand how ransomware continues to impact patient care and to determine the value of cybersecurity benchmarks in reducing impact .
Like the first study, “The Impact of Ransomware on Healthcare During COVID-19 and Beyond,” Ponemon found that more than a fifth of respondents indicated that attacks of ransomware has an adverse impact on patient mortality.
The most common impact identified was an increase in patients being transferred to or diverted to other facilities, reported by 70% of those surveyed, up from 65% in the previous study.
More and more organizations are experiencing ransomware attacks, with an increasing number due to poor cybersecurity controls and third-party technology vulnerabilities – and many of these organizations are paying for it. ransom.
Now, 67% of respondents, up from 60%, say their organization has paid, with the average ransom payment increasing from $282,675 in 2021 to $352,541.
“Average downtime caused by ransomware attacks has not improved and can last more than a month (35 days),” the researchers said.
The new study also looks at benchmarking factors in risk mitigation resources, such as staffing investments that match the higher levels of oversight needed to manage growing third-party risks. and funding new cyber-ready technologies.
“Peer-to-peer benchmarking in cybersecurity provides valuable insight into how healthcare resources should be allocated to reduce ransomware risk and its potential impact,” the researchers said in the report. it for patient care”.
Benchmark comparisons demonstrated the effectiveness of their cybersecurity framework, and compliance helped respondents establish cybersecurity program goals and make more data-driven decisions. They also found that it helped them respond to and recover from ransomware attacks.
Ed Gaudet, CEO and Founder of Censinet, said: “Unfortunately, the findings in this year’s Ponemon report are not surprising given that ransomware continues to shut down hospital operations and make disruption of care at an alarming rate.
“This report highlights continuing threats while introducing new approaches to creating rigorous, robust, and ongoing network programs to protect patients,” he said in a statement. .
Censinet is also running a separate benchmarking study involving up to 100 healthcare organizations that will be released in 2023. We recently spoke with Gaudet about that work and other cybersecurity commands.
TREND TO BIGGER
The U.S. Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency previously studied and quantified the correlation between intensive care bed use and deaths in excess of two, four and six weeks after a ransomware attack.
CISA warned, more than a year ago, that the rise of ransomware attacks and the overwhelming number of deaths they cause to the care system is reeling with A pandemic can have serious upstream effects.
“An analysis of this overstatement of deaths from COVID-19 reveals some interesting demographics – one of which is one of the fastest-growing groups affected. because these excessive non-COVID-19 deaths from degrading and delayed care are between the ages of 25 and -44,” explained Josh Corman, senior adviser and strategist at CISA.
I said Healthcare IT News before a presentation on how the agency can support struggling healthcare organizations at the HIMSS Healthcare Cybersecurity Forum that the quality of healthcare infrastructure across the country is falling grant.
“Armed with rising case rates and pandemic hospitalizations as a baseline, we can lean on and try to study this national trial of prolonged service disruptions,” he said. in hospitals”.
“The group asked, maybe cyber [attacks] Make it worse? And the answer is yes.”
ON PROFILE
Dr Larry Ponemon, president and founder of the Ponemon Institute, said: “Our findings indicate that hospital IT/security staff continue to believe that ransomware has a widespread and detrimental impact on patient care”.
“With ransomware growing exponentially and most organizations under constant threat, this report also explores how peer-to-peer benchmarking improves security program effectiveness,” said Ponemon. network of HDOs, including decision-making, recruitment, and resource allocation”.
Andrea Fox is the senior editor of Healthcare IT News.
Email: [email protected]
Healthcare IT News is a publication of HIMSS.
