#New York #healthcare #Cybersecurity #US #EY US

The Need for Enhanced Cybersecurity in Healthcare

In an era where data breaches are an increasing threat, cybersecurity has emerged as a crucial business imperative for healthcare organizations. Recent findings from the EY US-KLAS healthcare cybersecurity survey reveal that a staggering 81% of healthcare executives recognize the importance of integrating cybersecurity into their core business strategies. This shift from a purely defensive approach to a more integrated one is essential for improving operational efficiencies and delivering better patient outcomes.

The Financial Toll of Cyber Incidents

The survey highlights the significant financial ramifications of cyber incidents on healthcare entities. Approximately 72% reported experiencing moderate to severe financial impacts due to cyber threats within the past two years. Notably, operational disruptions affected 60% of the organizations, while 59% faced clinical consequences such as delayed treatments and diminished patient trust.

Furthermore, healthcare organizations reported an alarming average of five distinct types of cyber threats that have affected their operations over the last year, with phishing scams, third-party data breaches, and malware being the frontrunners. This necessitates a concerted effort to enhance cyber resilience throughout healthcare systems.

Strategic Prioritization of Cybersecurity

The survey, conducted by Ernst & Young LLP (EY US) and KLAS Research, assembled insights from 100 C-suite executives responsible for cybersecurity decisions within their organizations. Together, these findings underscore the urgent need for healthcare entities to elevate cyber resilience as a strategic focal point. As Nana Ahwoi, EY Americas Consumer and Health Cybersecurity Industry Leader, emphasizes, “Cybersecurity is more than a compliance checkbox — it drives safe care, patient trust, and long-term success.”

To this end, the report outlines several strategies that healthcare executives can utilize to enhance their cybersecurity posture:

1. Align Cybersecurity with Business Goals: By viewing cybersecurity not merely as a compliance issue but as a strategic imperative, organizations can effectively reduce risks and improve outcomes.
2. Address Digital Identity Challenges: The rise of AI-driven threats calls for innovative solutions powerful enough to tackle nonhuman identities.
3. Cyber as a Driver of Innovation: Cybersecurity should support advancements in AI, automation, and the delivery of care outside traditional settings.
4. Evolve Workforce Skills: Tackling talent shortages and investing in workforce upskilling is essential to combat cyber risks.
5. Shift from Compliance to Strategic Risk Management: Organizations must move beyond mere regulatory compliance to proactive risk management, ensuring a resilient operational framework.
6. Enhance Vendor Oversight: Strengthening vendor management is vital, given the interconnected nature of today’s healthcare systems.

Increasing Investments in Cybersecurity

As cyber threats evolve, healthcare organizations recognize the imperative of bolstering their monitoring and access control strategies. Sixty-eight percent of survey participants indicated that identity and access management would be their primary focus for increased investments in the coming year, with a notable 81% affirming that prioritizing cybersecurity within their business strategy assists in overcoming contemporary challenges. Moreover, over half (52%) of respondents pointed to workforce training and upskilling as an effective measure against cyber threats.

Key Insights from the Report

The report offers important insights, which include:

• - Reframing Cybersecurity as a Central Business Priority: Leaders need to acknowledge cybersecurity as integral to business strategy rather than an isolated IT problem. Its alignment with patient safety and operational resilience is paramount.
• - Proactive Investment is Essential: The widespread impact of cyber threats necessitates immediate investment and leadership alignment to avert disruptions.
• - Securing Healthcare Access: With AI and complex vendor ecosystems on the rise, prioritizing secure identity protocols and elevating vendor oversight becomes increasingly important.
• - Reinforcing Innovation and Trust: A solid cybersecurity framework allows safe adoption of new technologies and care delivery models, ultimately preserving patient trust and data integrity.

In conclusion, healthcare leaders are urged to prioritize workforce cyber training and readiness. This investment is essential for maximizing cybersecurity efficacy and ensuring safe patient care while enhancing overall system resilience. As the digital landscape continues to evolve, prioritizing a robust cybersecurity strategy is not just a recommendation; it is a necessity for safeguarding the future of healthcare.

For further insights, read the full report on the EY US Healthcare Cyber Resilience Survey.

About EY

EY is committed to building a better working world through the creation of value for clients, people, and society, along with fostering trust in capital markets. The organization leverages data, AI, and advanced technology to assist clients in shaping the future and addressing the pressing challenges of today and tomorrow.

Methodology

The survey was conducted with 100 C-suite executives, including players from payer, provider, medical device manufacturing, and pharmaceutical entities, focusing specifically on cybersecurity-related decision-making within diverse healthcare frameworks.

About KLAS

KLAS is dedicated to improving healthcare through data-driven insights. Partnering with thousands of healthcare professionals, KLAS collects valuable feedback on software and services aimed at enhancing vendor performance and fostering collaboration.