HIMSS: 2024 Healthcare Industry Cybersecurity Survey Report

HIMSS: 2024 Healthcare Industry Cybersecurity Survey Report

Cybersecurity Budget

Investment – ​​Organizations are investing more resources to strengthen their defenses.

Strategic Priorities – Budgets are increasingly aligned with critical vulnerabilities.

Security Awareness

Phishing Attack Mitigation - Phishing attacks against projects are a major attack vector.

Innovative training – Gamification and scenario-based training increase engagement.

Security incidents

Phishing attacks dominate – Phishing attacks are the most common method of intrusion.

AI-driven attacks – Deepfakes are an emerging threat.

Ransomware

Fighting Ransomware – Ransomware defense remains a priority.

Reduced ransom payments - Ransomware victims report paying fewer ransoms.

AI

Inadequate policies – The lack of formal AI governance increases risks.

Limited Oversight – There is limited monitoring of the use of AI.

Third-party risks

Third-party incidents – Significant incidents involving third parties are noteworthy.

Impact – Third-party events causing outages and other impacts.

Insider Threat

Formal Program – A formal program is required to manage insider threats.

Methodology and Demographics

The 2024 HIMSS Healthcare Cybersecurity Survey reflects the attitudes of 273 healthcare cybersecurity professionals who have at least some responsibility for day-to-day cybersecurity operations or oversight of a healthcare organization’s cybersecurity program.

Data for the survey was collected between November 6 and December 16, 2024. Questions asked about respondents' opinions, knowledge and experiences over the past 12 months.

Respondents served in a variety of roles, including executive (50%), non-executive management (37%), and non-management (13%) roles. Executive roles included C-level executives, non-executive management included senior management, and non-management included analysts and experts.

Respondents reported varying levels of involvement in their organization’s cybersecurity program: 46% have primary responsibility, 30% share responsibility, and 24% are involved in day-to-day operations or oversight when needed.

Respondents represented a variety of organization types, including healthcare providers (50%), suppliers (18%), consulting firms (13%), government entities (8%), and other organizations (11%). Other organizations included academic institutions, nonprofits, payers, and life sciences companies.


​The document link will be shared to 199IT Knowledge Planet. Scan the QR code below to view it!

<<:  The neglected performance of mobile phone flash memory is actually more important than the processor

>>:  Samsung S8 is ruined by rear fingerprint sensor: it takes 6 seconds to read

Recommend

User operation, how to retain users after fission?

What I want to discuss with you this time is how ...

A proud buttocks "Ao Family Army Military Academy"

A proud buttocks "Ao Jiajun Military Academy...

Tik Tok Marketing Tips: Comprehensively Understand the Star Map Platform!

What is Star Chart Platform? In September 2017, t...

What growth methods did these super apps and websites use in their early years?

How can we achieve user growth organically and ac...

How to build an overseas operation and promotion system from 0 to 1!

Preface: Many Chinese Internet startup teams goin...

New Wi-Fi technology is available that's better suited for smart homes

[[161680]] 1. New WiFi technology is emerging, mo...