Request Demo

Healthcare, NIST Cybersecurity Framework

Here's Why 71% of Organizations Allocated a Cybersecurity Budget in 2017

down-arrow

The 2017 HIMSS Cybersecurity Survey indicates healthcare organizations are prepared for cyberattacks and data breaches more than ever before, and certainly much more than expected.

The survey was conducted to find out how healthcare organizations are protecting their information and assets from cyber attacks. 60% of respondents said they had a senior information security leader such as a CISO within the company. The survey also found that 71% of organizations who were surveyed already allocate funds towards cybersecurity in their budgets, and 80% of IT leads within those organizations said that they have a dedicated cybersecurity team.

60% of organizations with specific cybersecurity budgets allocate 3% or more of their overall budget, and 75% of these organizations said that insider threat management programs are emplace. In addition, 85% conduct a risk assessment yearly or even more frequently, and 75% conduct penetrations testing regularly. It is clear that healthcare is heavily supporting and prioritizing the cybersecurity strength of its organizations.

Why such high numbers?

In may, the United Kingdom's National Health Service was attacked by WannaCry, forcing scheduled operations and other appointments to be cancelled. IT systems were shut down and some healthcare entities even had to turn patients away. In June, Merck, Nuance Communications, and Heritage Valley Health System were crippled by a global ransomware attack. It is clear that the healthcare industry is a target for cyber attacks worldwide, and it's not just the smaller healthcare organizations that are vulnerable - attacks are aimed at big fish.

“Quality, stress-tested cybersecurity programs are imperative to protecting provider organizations and the patients they care for,” Rod Piechowski, senior director of health information systems for HIMSS, said. “This data is encouraging because it shows that many organizations are making security programs a priority; however, there is room for continued improvement. Our hope is that the new research will be an important resource for organizations navigating the complex security landscape.”

What can healthcare organizations do?

More and more healthcare organizations are adopting the NIST Cybersecurity Framework. It is imperative to test, manage, and mitigate your cyber posture internally in order to understand your vulnerabilities and know where to allocate resources for the highest impact on cyber strength. Prioritize your cybersecurity budget and team as so many of these healthcare organizations have already done. In addition, you should be keeping track of cyber attacks and how to eradicate your vulnerabilities. Reach out to info@cybersaint.io to access all these capabilities on one platform, or view resources on steps to take to strengthen your cyber posture.

 

 

You may also like

Integrating GRC: Governance, ...
on June 6, 2019

In our Integrating Governance Risk and Compliance series, CyberSaint leadership explores the process through which cybersecurity leaders can reconfigure their organizations to ...

Jerry Layden
Critical Capabilities of Cyber ...
on June 4, 2019

As Boards and CEOs start taking a greater concern with the security posture of their enterprise, CISOs and information security teams are being faced with translating their cyber ...

Integrating Governance, Risk, and ...
on May 30, 2019

When Gartner released the magic quadrant for integrated risk management (IRM) in 2018 rather than for governance risk and compliance (GRC), members of the information security ...

An Integrated Risk Management ...
on May 28, 2019

As cybersecurity is elevated to a Board- and CEO-level issue, the role it plays in overall enterprise risk management is is becoming more apparent. With that comes a need for an ...

Using NIST 800-30 To Implement The ...
on May 23, 2019

The National Institutes of Standard and Technology’s Risk Management Framework (RMF) is a foundational aspect to managing cybersecurity risk. When coupled with the NIST ...

NIST Cybersecurity Framework Tool ...
on May 21, 2019

For almost all organizations large and small the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) represents the gold standard for managing ...