Cyber Risk Landscape of the U.S. Healthcare Industry

This report surveys cybersecurity hygiene and risks within the U.S. healthcare sector, building on previous research regarding third-party breaches. It highlights that healthcare organizations face significant cybersecurity threats, particularly from ransomware attacks, which have shown to disrupt payment processes and compromise sensitive data. The report identifies key areas of concern affecting security ratings, with Application Security and Endpoint Security being the most critical factors. It notes that 9% of the organizations surveyed reported a breach or evidence of a compromised machine within the past year. The report categorizes the healthcare industry into four sectors: Pharmaceuticals & Biotechnology, Medical Devices & Supplies, Care Providers, and Health Insurance. It emphasizes the importance of understanding the distribution of security ratings across these sectors, revealing that medical device manufacturers often score lower due to their unique vulnerabilities. The findings aim to assist healthcare organizations in mitigating risks associated with third-party breaches and improving their overall cybersecurity posture.