Revenue Cycle Management
COVID-19
Reimbursement
Diabetes Awareness Month
Risk Management
Patient Retention
Staffing
Medical Economics® 100th Anniversary
Coding and documentation
Business of Endocrinology
Telehealth
Physicians Financial News
Cybersecurity
Cardiovascular Clinical Consult
Locum Tenens, brought to you by LocumLife®
Weight Management
Business of Women's Health
Practice Efficiency
Finance and Wealth
EHRs
Remote Patient Monitoring
Sponsored Webinars
Medical Technology
Billing and collections
Acute Pain Management
Exclusive Content
Value-based Care
Business of Pediatrics
Concierge Medicine 2.0 by Castle Connolly Private Health Partners
Practice Growth
Concierge Medicine
Business of Cardiology
Implementing the Topcon Ocular Telehealth Platform
Malpractice
Influenza
Sexual Health
Chronic Conditions
Technology
Legal and Policy
Money
Opinion
Vaccines
Practice Management
Patient Relations
Careers

IT pros overconfident about their ability to detect and remediate malware attacks

June 1, 2023

Article

Health care continues to be a top target for hackers, and IT professionals may overestimate their abilities to prevent attacks from happening.

When it comes to detecting and remediating malware attacks, many IT professional were overconfident and overly optimistic, according to the 2023 Ransomware Report from Cybersecurity Insiders and BullWall.

Hacker: ©Zetha Work - stock.adobe.com

For attack detection, 77% of respondents incorrectly believe their endpoint security solution can sufficiently protect their servers against malware attacks. There is also a substantial gap in confidence between detection and remediation, with 76% saying they were confident in the organization’s ability to prevent an attack, but only 35% saying they were confident in the ability to remediate ransomware after it locks or encrypts data within their systems.

According the report, recovery time expectations were overly optimistic, with 35% saying they believe they can recover from an attack in a few days despite research showing the average is weeks or months. The vast majority (79%) say a threat is moderately to extremely likely to happen to their organization within the next year.

Respondents also saw their data at risk, with 69% reporting that financial information is at risk, 61% saying customer information is at risk, and 56% saying employee information is at risk. If hit with ransomware, respondents said the biggest negative impacts were downtime (82%), financial losses (75%), and reputational damage (68%).

When it comes to building better defenses, 47% cite the evolving sophistication of attacks and 45% cite budget constraints.

“Organizations are becoming almost resigned to the eventuality of a ransomware attack, and are starting to indicate that the golden standards of prevention are not enough,” Cybersecurity Insiders Principal Holger Schulze said in a statement. “These findings emphasize the importance of shifting from a purely preventative approach ... to a more layered, comprehensive strategy that includes rapid containment of ongoing attacks. By implementing solutions that can quickly shut down active attacks, organizations can limit the damage inflicted and reduce recovery time, better protecting their valuable data, operations and reputation.”

Last year, there were over 217 million attacks in the U.S. alone according to experts.

435 cybersecurity professionals in technology, financial services, health care, pharma and biotech, education, retail, non-profits and other sectors participated in the research.