CynergisTek releases 2018 report on cybersecurity findings in healthcare
Mission Viejo, CA – March 1, 2018 — CynergisTek, Inc. (NYSE AMERICAN: CTEK), a leader in healthcare cybersecurity and information management, has announced the release of its annual report, Improving Readiness: Meeting Cyber Threats. The report focuses on a key question that many boards and executives are asking today, “How ready are we for a cyber event?” It provides a sobering analysis of how healthcare organizations measured against the National Institute of Standards and Technology Cybersecurity Framework (NIST CSF), which outlines best practices for healthcare organizations to follow to manage risks associated with cybersecurity.
CynergisTek’s 2018 report aggregated ratings from assessments performed in 2017 at hundreds of individual hospitals, clinics, ancillary facilities, payers, business associates, etc. across the nation to reveal an average 45 percent conformance with NIST CSF controls. Furthermore, the report revealed that most organizations have opportunities for improvement in all five areas of the Core Elements of the framework including the ability to identify, protect, detect, respond and recover from a variety of cybersecurity incidents. These results highlight the growing need for healthcare organizations to make serious investments in cybersecurity readiness, as cybersecurity has become one of the top business risks facing healthcare today.
Additional findings and information from the Improving Readiness: Meeting Cyber Threats report include:
- Of all organization types, business associates scored the highest overall conformance
- Out of the five core elements of NIST CSF, organizations had the lowest ratings in detecting potential cybersecurity events
- The highest ratings were in the Core Elements of response and recovery
- Academic medical centers had the highest conformance ratings among provider organizations
- Not surprisingly, larger organizations performed significantly better across the board than smaller organizations
- Revenue is a less consistent predictor of CSF conformance across all Core Elements
- More organizations are beginning to treat cyber events as enterprise risk
- Machine learning and behavioral analytics will play a significant role in helping healthcare organizations improve incident detection
- Printers, as endpoint devices, present multiple risks to health information
- Adoption of the NIST CSF can raise the overall level of preparedness and resilience of healthcare organizations
“Hopefully this report can provide a vehicle for the industry to become more aware of the need for greater emphasis and investment in cybersecurity readiness,” said Mac McMillan, CEO of CynergisTek. “Hackers are becoming more sophisticated and we expect to see greater frequency and intensity of cyber attacks in healthcare. The NIST CSF gives healthcare organizations the framework they need to build the resilience that 21st-century healthcare is going to require.”
The report also includes expertise and analysis from CynergisTek’s executive thought leaders, as well as proven best practices for strengthening privacy and security controls at healthcare organizations. The full report can be downloaded here.
To learn more about the findings of this report, stop by booth #5060 at HIMSS18 in Las Vegas from March 6 to 8. To schedule a meeting with a CynergisTek executive at the conference, please contact Danielle Johns at [email protected].
About CynergisTek, Inc.
CynergisTek is a top-ranked cybersecurity and information management consulting firm dedicated to serving the healthcare industry. CynergisTek offers specialized services and solutions to help organizations achieve privacy, security, compliance, and document output management goals. Since 2004, the company has served as a partner to hundreds of healthcare organizations and is dedicated to supporting and educating the industry by contributing to relevant industry associations. The company has been named in numerous research reports as one of the top firms that provider organizations turn to for privacy and security and won 2017 Best in KLAS award for Cyber Security Advisory Services.