[...] Here are four survey findings related to how healthcare organizations address information security based on a 2018 HIMSS Cybersecurity Survey.
1. The plurality of respondents (45.5 percent) indicated they undergo security risk assessments once a year.
- Only 9.6% of health information security professionals selected the next most common response -- conducting daily security risk assessments.
2. When asked what security framework their organization has adopted, the majority of respondents cited the National Institute of Standards and Technology.
- NIST: 57.9%
- HITRUST: 26.4%
- Critical Security Controls: 24.7%
3. There's no uniform source of cyberthreat intelligence, according to the survey respondents, although the majority consider word-of-mouth information from peers a key resource.
- Peers: 68.6%
- U.S. Computer Emergency Readiness Team: 60%
- HIMSS resources: 53.8%
4. More than half of respondents cited lack of appropriate cybersecurity personnel as one of the biggest barriers for remediating and mitigating cybersecurity incidents.
- Lack of appropriate cybersecurity personnel: 52.4%
- Lack of financial resources: 46.6%
- Too many application vulnerabilities: 28.6%
Source: Becker's Hospital Review (View full article)
Posted by Dan Corcoran on March 13, 2018 08:07 AM
Post a comment