HIMSS: 2024 Healthcare Industry Cybersecurity Survey Report

HIMSS: 2024 Healthcare Industry Cybersecurity Survey Report

Cybersecurity Budget

Investment – ​​Organizations are investing more resources to strengthen their defenses.

Strategic Priorities – Budgets are increasingly aligned with critical vulnerabilities.

Security Awareness

Phishing Attack Mitigation - Phishing attacks against projects are a major attack vector.

Innovative training – Gamification and scenario-based training increase engagement.

Security incidents

Phishing attacks dominate – Phishing attacks are the most common method of intrusion.

AI-driven attacks – Deepfakes are an emerging threat.

Ransomware

Fighting Ransomware – Ransomware defense remains a priority.

Reduced ransom payments - Ransomware victims report paying fewer ransoms.

AI

Inadequate policies – The lack of formal AI governance increases risks.

Limited Oversight – There is limited monitoring of the use of AI.

Third-party risks

Third-party incidents – Significant incidents involving third parties are noteworthy.

Impact – Third-party events causing outages and other impacts.

Insider Threat

Formal Program – A formal program is required to manage insider threats.

Methodology and Demographics

The 2024 HIMSS Healthcare Cybersecurity Survey reflects the attitudes of 273 healthcare cybersecurity professionals who have at least some responsibility for day-to-day cybersecurity operations or oversight of a healthcare organization’s cybersecurity program.

Data for the survey was collected between November 6 and December 16, 2024. Questions asked about respondents' opinions, knowledge and experiences over the past 12 months.

Respondents served in a variety of roles, including executive (50%), non-executive management (37%), and non-management (13%) roles. Executive roles included C-level executives, non-executive management included senior management, and non-management included analysts and experts.

Respondents reported varying levels of involvement in their organization’s cybersecurity program: 46% have primary responsibility, 30% share responsibility, and 24% are involved in day-to-day operations or oversight when needed.

Respondents represented a variety of organization types, including healthcare providers (50%), suppliers (18%), consulting firms (13%), government entities (8%), and other organizations (11%). Other organizations included academic institutions, nonprofits, payers, and life sciences companies.


​The document link will be shared to 199IT Knowledge Planet. Scan the QR code below to view it!

<<:  The neglected performance of mobile phone flash memory is actually more important than the processor

>>:  Samsung S8 is ruined by rear fingerprint sensor: it takes 6 seconds to read

Recommend

Learn this trick and you won’t lose money betting on football!

Economics is everywhere in our daily life. They s...

First screenshots of Windows 10 Mobile leaked

It is now very clear that Microsoft's new Win...

Three growth models and implementation principles of Internet finance!

1. What do we mean when we talk about user behavi...

Ideal Auto: Ideal Auto's annual sales volume in 2024 will reach 504,500 vehicles

Ideal Auto released the 2024 new force brand sale...

Soul and Tantan product analysis

With the continuous development of the Internet e...

How many keywords are generally suitable for Baidu bidding hosting?

How to determine the number of bidding keywords E...

The final struggle: Trump bans eight Chinese apps including QQ and Alipay

If nothing unexpected happens, January 20, 2021 w...

Overseas video marketing and promotion skills!

There is no doubt that a large portion of the pop...

Summary of operations related to WinPhone development database

1. First of all, let's talk about WP's su...