Proofpoint and Ponemon Institute Release Third Annual Healthcare Cybersecurity Survey

The survey found that 92 percent of organizations surveyed experienced at least one cyberattack in the past 12 months.

By HFT Staff


Proofpoint, Inc., a cybersecurity and compliance company, and Ponemon Institute, an IT security research organization, released the results of their third annual survey on the effects of cybersecurity in healthcare. The report, “Cyber Insecurity in Healthcare: The Cost and Impact on Patient Safety and Care 2024,” finds that 92 percent of healthcare organizations surveyed experienced at least one cyberattack in the past 12 months, an increase from 88 percent in 2023, with 69 percent reporting disruption to patient care as a result. 

Among the organizations that suffered the four most common types of attacks – cloud compromise, ransomware, supply chain and business email compromise (BEC) – 56 percent reported poor patient outcomes due to delays in procedures and tests, 53 percent saw an increase in medical procedure complications, and 28 percent say patient mortality rates increased—an increase of five percentage points over last year. These findings indicate that healthcare organizations continue to struggle with mitigating the risks these attacks pose to patient safety and well-being. 

The report, which surveyed 648 information technology and security practitioners in United States healthcare organizations, found that supply chain attacks are most likely to affect patient care. More than two-thirds (68 percent) of respondents said their organizations had an attack against their supply chains, of which 82 percent said it disrupted patient care, an increase from 77 percent in 2023. BEC leads the group of attacks most likely to result in poor outcomes due to delayed procedures and tests (69 percent), followed by ransomware (61 percent), which was also most likely to result in longer lengths of stay (58 percent) and increase in patients diverted or transferred to other facilities (52 percent). 

“Our third annual report was conducted to determine if the healthcare industry is making progress in reducing human-centric cybersecurity risks and disruptions to patient care,” says Larry Ponemon, chairman and founder of the Ponemon Institute. “For the third consecutive year, we found that the four types of analyzed attacks show a direct negative impact on patient safety and wellbeing. The good news, however, is the healthcare industry seems to increasingly recognize the importance cybersecurity plays in patient outcomes; on average, IT budgets have increased, and fewer IT practitioners indicate that budget is a challenge in keeping their organization’s cybersecurity posture from being fully effective.” 



October 10, 2024


Topic Area: Information Technology , Security


Recent Posts

The Future of Healthcare Facility Construction Projects

Brian Cowperthwaite highlights the invisible work that impacts everyone who walks through a healthcare facility.


Ground Broken on Jupiter Medical Center's Second Hospital

The 53,000-square-foot hospital will include 29 inpatient beds, four operating rooms, 24-hour emergency services, a diagnostic laboratory and imaging services.


Singing River Health System Ensnared by Data Breach

Through an investigation, on February 10, 2026, SRHS learned that the unauthorized party had accessed certain SRHS files that contained patient information.


Partnering on Personnel: Strategies for Success

Environmental services in healthcare have special staffing circumstances. They must meet stringent compliance standards and maintain accreditations.


Kaiser Permanente Opens First Two Medical Offices in Northern Nevada

These are part of its joint venture with Renown Health.


 
 


FREE Newsletter Signup Form

News & Updates | Webcast Alerts
Building Technologies | & More!

 
 
 


All fields are required. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.