The 2017 Health Care Industry Cybersecurity Task Force report painted a damning picture of cybersecurity in healthcare, including the discovery that three out of four hospitals operate without a designated security leader.
Those providers have been forced to get creative with security, including sharing chief information security officers with other health organizations or elevating staff to fill the position (among other creative workarounds).
However, considering the number of breaches in the past few years and the continued onslaught of attacks, the health sector hasn’t made much progress. A Ponemon report found 75 percent of health providers admitted their IT security teams are understaffed, and they struggle to attract qualified candidates.
David Finn's comments are featured in this article.