New KPMG/Forbes Study: Health Care Firms are Unprepared for Next Cyber Security Breach
August 04, 2017
A new KPMG and Forbes Insights report found that the health care industry is “elevating cyber security to a strategic imperative but at a pace that lags behind [its] desire to adopt digital technologies to drive innovation.”
The report surveyed 100 health care (payer and provider) senior executives, as well as an additional 100 senior executives in the life sciences (biopharma/pharma and medical device) field. Key findings include:
- During the past two years, 47 percent of health care “firms have had a HIPPA-related security violation or breach”
- 43 percent have not increased their cyber security budget, despite news of major cyber threats; 42 percent have no plans to increase their budget during the next year
- 52 percent of health care firms will rely on their cyber insurance in the event of a breach or attack
- During the past year, 34 percent of firms have not invested in information security. Of the firms investing, only 24 percent are investing in staff resources.
The study does, however, find that 95 percent of firms polled have incident response plans in place, but cautions that most of these efforts are reactive, as opposed to proactive. With additional planning and investments, health care organizations can train staff and put in place the necessary tools and protocol to handle future cyber breaches and attacks.
During May 2017, hospitals and businesses across the world were impacted by large-scale Microsoft-based ransomware attack, known as WannaCry. The attack impacted tens of thousands of computers in more than 150 countries. Britain’s National Health System and FedEx were among the attack’s most notable victims.
HAP’s Emergency Preparedness team works with member hospitals, law enforcement, and government agencies to support emergency response for everyday emergencies and unexpected disasters. The team carefully monitors potential issues—including cyber security breaches—and works to prepare hospitals to respond to any situation that may arise. Contact Tom Grace, vice president, emergency preparedness, for more information.