• Revenue Cycle Management
  • COVID-19
  • Reimbursement
  • Diabetes Awareness Month
  • Risk Management
  • Patient Retention
  • Staffing
  • Medical Economics® 100th Anniversary
  • Coding and documentation
  • Business of Endocrinology
  • Telehealth
  • Physicians Financial News
  • Cybersecurity
  • Cardiovascular Clinical Consult
  • Locum Tenens, brought to you by LocumLife®
  • Weight Management
  • Business of Women's Health
  • Practice Efficiency
  • Finance and Wealth
  • EHRs
  • Remote Patient Monitoring
  • Sponsored Webinars
  • Medical Technology
  • Billing and collections
  • Acute Pain Management
  • Exclusive Content
  • Value-based Care
  • Business of Pediatrics
  • Concierge Medicine 2.0 by Castle Connolly Private Health Partners
  • Practice Growth
  • Concierge Medicine
  • Business of Cardiology
  • Implementing the Topcon Ocular Telehealth Platform
  • Malpractice
  • Influenza
  • Sexual Health
  • Chronic Conditions
  • Technology
  • Legal and Policy
  • Money
  • Opinion
  • Vaccines
  • Practice Management
  • Patient Relations
  • Careers

IT pros overconfident about their ability to detect and remediate malware attacks


Health care continues to be a top target for hackers, and IT professionals may overestimate their abilities to prevent attacks from happening.

When it comes to detecting and remediating malware attacks, many IT professional were overconfident and overly optimistic, according to the 2023 Ransomware Report from Cybersecurity Insiders and BullWall.

Hacker: ©Zetha Work - stock.adobe.com

Hacker: ©Zetha Work - stock.adobe.com

For attack detection, 77% of respondents incorrectly believe their endpoint security solution can sufficiently protect their servers against malware attacks. There is also a substantial gap in confidence between detection and remediation, with 76% saying they were confident in the organization’s ability to prevent an attack, but only 35% saying they were confident in the ability to remediate ransomware after it locks or encrypts data within their systems.

According the report, recovery time expectations were overly optimistic, with 35% saying they believe they can recover from an attack in a few days despite research showing the average is weeks or months. The vast majority (79%) say a threat is moderately to extremely likely to happen to their organization within the next year.

Respondents also saw their data at risk, with 69% reporting that financial information is at risk, 61% saying customer information is at risk, and 56% saying employee information is at risk. If hit with ransomware, respondents said the biggest negative impacts were downtime (82%), financial losses (75%), and reputational damage (68%).

When it comes to building better defenses, 47% cite the evolving sophistication of attacks and 45% cite budget constraints.

“Organizations are becoming almost resigned to the eventuality of a ransomware attack, and are starting to indicate that the golden standards of prevention are not enough,” Cybersecurity Insiders Principal Holger Schulze said in a statement. “These findings emphasize the importance of shifting from a purely preventative approach ... to a more layered, comprehensive strategy that includes rapid containment of ongoing attacks. By implementing solutions that can quickly shut down active attacks, organizations can limit the damage inflicted and reduce recovery time, better protecting their valuable data, operations and reputation.”

Last year, there were over 217 million attacks in the U.S. alone according to experts.

435 cybersecurity professionals in technology, financial services, health care, pharma and biotech, education, retail, non-profits and other sectors participated in the research.

Related Videos
Kyle Zebley headshot
Kyle Zebley headshot
Kyle Zebley headshot
Michael J. Barry, MD
Hadi Chaudhry, President and CEO, CareCloud
Claire Ernst, JD, gives expert advice
Arien Malec