Skip to main content
Back to Newsroom

Research Demonstrates Healthcare Sector Lags in Cybersecurity Investment Despite Higher Level of Risk for Attacks

September 19, 2023

Healthcare organizations slow to embrace cloud applications and services – face unique challenges to increase utilization

SAN JOSE, Calif.–(BUSINESS WIRE)–#SSE–Skyhigh Security today released the Skyhigh Security Cloud Adoption and Risk Report, Healthcare Edition, which investigates the state of cloud security in healthcare organizations, including patient care facilities and healthcare technology companies. This report explores the healthcare vertical data from Skyhigh Security’s The Data Dilemma: Cloud Adoption and Risk Report, which provides a comprehensive look at data security challenges across industries.


While healthcare parallels other sectors in cloud adoption trends, it faces distinct obstacles regarding data security and trust in the cloud. Cyber attackers often target healthcare organizations to attempt to steal highly prized data, such as personal health information (PHI), insurance claims data, clinical trial information, and more. And unfortunately, they’re often successful. The report shows that 86% of healthcare organizations have experienced data theft compared to only 80% across all industries. Software-as-a-Service (SaaS) security issues are also rising far more quickly in this sector than others. But despite the elevated threat level, only 51% of healthcare organizations are committed to investing more in cybersecurity, versus 56% across all industries.

To keep sensitive data secure and private, the healthcare sector has been hesitant to embrace cloud services. While other industries have seen a 50% average uptick in cloud services in use, the adoption rate in healthcare is only half of that, at 25%. However, there’s been steady movement to increase utilization. Although the healthcare industry still stores the least amount of sensitive data in the public cloud (47%) compared to all industries (61%), they are up from only 35% in 2019.

“Apprehension about cloud security remains high in the healthcare sector, but there are a variety of factors making greater trust in the cloud necessary—such as the increase in hybrid work and anytime, anywhere collaboration,” said Rodman Ramezanian, Global Cloud Threat Lead at Skyhigh Security. “Healthcare organizations have historically stored sensitive data on premises, but there’s been a shift to cloud and hybrid providers. By adopting unified, zero trust cloud security solutions, organizations can increase cloud use without putting sensitive data at risk and allow their leaders to focus on what’s most important—supporting the health and wellbeing of our communities.”

Top Challenges To Overcome

While healthcare’s adoption and trust in the cloud is trending in the right direction, the sector lacks critical visibility into who is using sensitive data, where it’s being stored and how secure their apps and services are. For example, healthcare organizations perform audits of their applications less frequently than their peers in other sectors and are less likely to use identity and access management to monitor access to resources. Other top challenges for healthcare include the following: Shadow IT, complex or outdated infrastructure, IT budget constraints and cybersecurity talent shortages.

The Treatment Plan

On the bright side, healthcare organizations recognize their heightened cybersecurity risks and are taking action to reduce data threats. The report finds that healthcare is most likely of all sectors to deploy data loss prevention (DLP) and encryption solutions, at 30% versus 23% for all industries. Like its peers, 40% of the healthcare sector is interested in adopting a zero trust approach.

The research presented in the report points to the advantages of a single, centralized Security Service Edge (SSE) solution that simplifies cloud security and enables security teams to apply consistent data protection controls and policies across the web, cloud, and private apps — from anywhere, any application, and any device.

To learn more, register for Skyhigh Security’s upcoming webinar on October 19 in Asia Pacific, North America and Asia Pacific and Japan.

Additional Resources:

Download the Report and Infographic

Read the Blog

Find out more about Skyhigh Security Service Edge

Methodology

Skyhigh Security commissioned independent market research agency Vanson Bourne to conduct this research, which is based on the results of 92 IT decision makers and IT specialists with cloud involvement from organizations in the United States, Brazil, United Kingdom, France, Germany, India, Australia, Japan, and Canada. These organizations have 500 or more employees and represent the healthcare sector. More information on the full research methodology can be found within the global report.

About Skyhigh Security

Skyhigh Security is focused on helping customers secure the world’s data. It protects organizations with cloud-native security solutions that are both data-aware and simple to use. Its market-leading Security Service Edge Portfolio goes beyond data access and focuses on data use, allowing organizations to collaborate from any device and from anywhere without sacrificing security. For more information, visit www.skyhighsecurity.com.

Contacts

Tracy Holden

Director of Corporate Marketing, Skyhigh Security

media@skyhighsecurity.com

Back to Newsroom

Trending Blogs

Industry Perspectives

Weighing the Benefits and Risks of AI Autopilots

Sekhar Sarukkai October 25, 2024

Industry Perspectives

In Defense of Critical Assets: New Edge Security Guidance from ACSC

Rodman Ramezanian October 22, 2024

Industry Perspectives

Security Risks and Challenges with AI Copilots

Sekhar Sarukkai October 16, 2024

Industry Perspectives

Foundational AI: A Critical Layer with Security Challenges

Sekhar Sarukkai October 10, 2024