RESEARCH REPORT

In brief

In brief

  • Healthcare organizations are gaining ground on cyber attackers, but more cybersecurity investment is needed to keep the momentum going.
  • Despite progress against cyber attacks, four in 10 healthcare payers do not feel protected by their cybersecurity program.
  • Healthcare providers agree that advanced technologies are key to a secure future, but less than half are investing now to automate defenses.


There is usually a lot of gloom and doom around the topic of cyber crime in healthcare. Finally, there is promising news to report.

Accenture’s 2018 State of Cyber Resilience report reveals that healthcare payers and providers are improving cyber resilience even as targeted attacks more than doubled over the last year. In fact, healthcare organizations stopped 87 percent of attacks in 2018, compared to 70 percent in 2017. If the current rate of progress continues, healthcare organizations could reach a sustainable level of cyber resilience in just two to three years.

RELATED: 2018 State of Cyber Resilience in Healthcare
RELATED: Accenture Technology

More good news: Not only are healthcare security teams improving detection, prevention and collaboration in the fight against cyber crime, they have also realized an impressive 42 percent improvement in overall security capabilities in areas including business exposure, cyber response readiness, investment efficiency and governance and leadership.

Moving forward, healthcare organizations cannot get complacent. Progress cannot stop. As they look to the next wave of improvements, the industry has to address the enemy within. Internal attacks are the most frequent of breaches—and make the greatest impact. The focus for the future of cyber resilience? Investing in inside-out programs, extending cybersecurity standards to ecosystem partners, aligning security objectives with the business, and leveraging new technologies.

Healthcare Payers: 2018 State of Cyber Resilience

Healthcare payers have invested heavily to become more cyber resilient. And their investments have paid off with a 41 percent improvement across 33 cybersecurity capabilities. What’s more, one in seven cyber attacks breached their defenses in 2018 compared to one in three in 2017.

RELATED: Healthcare Payers: 2018 State of Cyber Resilience
RELATED: Accenture Technology

But the reality is that cyber attacks targeting payers are escalating—they are up 89 percent in the last twelve months. This means that risks and costs of protection are on the rise too. As attacks multiply and criminals use more advanced technologies to multiply damage and disruption, healthcare payers have to up their game too.

While executives in healthcare payers are making good progress, more work is needed.

4 OUT OF 10

Say their organization is not protected by their cybersecurity program.

84%

Say new technologies are essential to securing the future of the organization.

76%

Say it is not possible to appear “strong, prepared and competent” if security is breached.

77%

Say cyber attacks remain a “black box” in terms of when and how they will impact the organization.



Healthcare Providers: 2018 State of Cyber Resilience

Like healthcare payers, providers are making good progress in cyber resilience. One in six attacks breached their defenses in 2018, compare to one in four in 2017. This slight drop likely reflects the fact that providers experienced a 39 percent improvement across all cybersecurity capabilities between 2017 and 2018.

RELATED: Healthcare Providers: 2018 State of Cyber Resilience
RELATED: Accenture Technology

Providers are not as vulnerable to attacks as payers. During this period, cyber attacks directed at them fell by seven percent from 147 to 137 reported breaches. This could explain why providers are slightly more confident in the effectiveness of their cybersecurity programs. Providers are also less likely to view cyber attacks as a black box.

While executives in healthcare providers are making good progress, more work is needed.

4 OUT OF 10

Say their organization is not protected by their cybersecurity program.

86%

Say new technologies are essential to securing the future of the organization.

61%

Say it is not possible to appear “strong, prepared and competent” if security is breached.

65%

Say cyber attacks remain a “black box” in terms of when and how they will impact the organization.



John Schoew

Managing Director – Healthcare Security

MORE ON THIS TOPIC


Subscription Center
Stay in the Know with Our Newsletter Stay in the Know with Our Newsletter