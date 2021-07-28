checkAd

New Report Reveals 76% of Healthcare Systems Failed in Securing Their Supply Chains

CynergisTek, (NYSE American: CTEK), a leading cybersecurity firm helping more than 1,000 hospitals navigate emerging security and privacy issues, released its fourth annual report, “Maturity Paradox: New World, New Threats, New Focus,” which revealed that most hospitals critically lack the ability to secure their supply chain systems.

In this report, CynergisTek reviewed just under 100 assessments of healthcare providers across the continuum, including hospitals, physician practices, Accountable Care Organizations (ACOs), and Business Associates. These assessments measure organizations’ security posture against the National Institute of Standards and Technology’s Cybersecurity Framework (NIST CSF), a standardized framework first published in 2014 intended to help protect American critical infrastructure.

Assessments were categorized into two cohorts: high performers with NIST conformance scores over 80% and low performers with conformance scores under 80%. CynergisTek’s 2021 report focuses on the industry’s overall status in cybersecurity preparedness, with 64% of organizations below 80% conformance. The report identified several areas for continued improvement in planning and preparedness, especially seeing as only 75% improved during the coronavirus pandemic – even then only slightly. While that is progress, it isn’t the progress the industry needs to shore up defenses. Investing in security, in the long run, is often ultimately more cost effective than paying the recent exorbitant ransoms.

“The past year has been arguably the most trying on the U.S. and global healthcare systems. We saw cybercriminals attack hospitals and healthcare institutions when they were at their most vulnerable – the industry made it through, granted with some bumps and bruises,” said David Finn, EVP at CynergisTek. “It is the responsibility now – of stakeholders, C-suite, IT managers, and anyone involved in protecting our healthcare system – to ensure that patient care remains resilient even in an environment with growing cyberattacks. The report demonstrates there is work to be done, but there are also immediate opportunities to shore up risk management practices.”

