[BreachExchange] Survey: Ransomware, malware among top concerns for health IT executives

Audrey McNeil audrey at riskbasedsecurity.com
Wed Nov 2 10:42:06 EDT 2016


http://www.beckershospitalreview.com/healthcare-information-
technology/survey-ransomware-malware-among-top-concerns-
for-health-it-executives.html

Regardless of size, healthcare facilities report similar cybersecurity
concerns, according to a recent survey.

The survey included responses from 190 members of the College of Healthcare
Information Management Executives and the Association for Executives in
Healthcare Information Security. When considering size, respondents were
divided into three groups: those from facilities with more than 400 beds,
those from facilities with 100 to 399 beds and those from facilities with
fewer than 100 beds.

Here's what you need to know:

1. All three groups ranked ransomware their highest concern when
considering potential security exploits; other major concerns included
malware and hacking. However, when asked to consider which security
exploits were most common, malware proved the most cited response.

2. When considering potential security threats, facilities with fewer than
100 beds cited social engineering as their greatest concern, while the
other two groups cited data theft. However, when asked to consider which
security threats were most common, social engineering proved the most
reported response for all three groups.

3. All three groups ranked data exposure their highest concern when
considering potential security vulnerabilities. However, when asked to
consider which security vulnerabilities were most common, facilities with
fewer than 100 beds cited security misconfiguration, while facilities with
more than 400 beds cited other application vulnerabilities; medium-sized
facilities were tied between these two options.

4. All three groups reported that if their organization was targeted
through a cyberattack, it would perform better than had the system been
attacked one year ago. This confidence was especially pronounced when asked
whether their organization had better systems in place to prepare for a
security incident than one year ago.

5. When respondents were asked whether federal legislators understand the
importance of security enough to support IT security initiatives, the
plurality of participants (39.46 percent) reported "not confident at all."
The second most common response (29.25 percent) was "neither confident nor
unconfident."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20161102/c0e18657/attachment.html>


More information about the BreachExchange mailing list