A survey of nearly 200 healthcare IT leaders reveals trends in healthcare cloud security; report offers actionable solutions to address overconfidence and emerging risks

AUSTIN, TexasSept. 18, 2024 — ClearDATA®, the leading healthcare-specialized, cloud managed security services provider offering security and compliance software purpose-built for healthcare and managed cloud operations, today announced the release of its 2024 State of Healthcare Cloud Security and Compliance Posture Report. This comprehensive report, published by ClearDATA with support from Healthcare Innovation, is informed by a recent survey of over 180 healthcare IT leaders, offering critical insights into the current state and future trends of cloud security and compliance within the healthcare industry.

The report highlights an increase in healthcare cyberattacks, emphasizing the urgent need for improved security measures in the sector. Confidence in cloud security and compliance programs is high; however, many organizations continue to struggle with cloud misconfigurations and security incidents, pointing to a significant gap in cybersecurity practices.

While there is a notable increase in cybersecurity budgets and staff training, a high number of cloud vulnerabilities and security incidents indicate that a comprehensive approach, going beyond a reactive posture to include proactive and resiliency strategies, is critical. The research also suggests that investing in internal trainings may not be sufficient, begging the question: Are in-house IT teams fully equipped to handle the complex nature of healthcare cybersecurity and compliance now and into the future?

Key insights from the report include:

  • Cybersecurity budgets on the rise: 92% of organizations have increased their cybersecurity budgets year over year, which indicates a growing concern with the effectiveness of their cyber resiliency.
  • Multiple security incidents per year: Despite heightened spending, healthcare organizations are experiencing an average of 3-5 security incidents per year, highlighting a gap between investment and outcome.
  • Misconfigurations persist, but concern is low: Nearly 80% of surveyed organizations reported at least one cloud misconfiguration in the past year, highlighting a significant vulnerability, as other research has shown they are a root cause of cyber incidents and breaches. Yet, only 4% of respondents reported that they were most concerned about misconfigurations leading to unauthorized access.
  • More investment in security software: In response to misconfigurations, 54% of organizations have implemented new cloud security tools or software to remediate cloud risks and issues and to better bolster their defenses.
  • Internal training up but likely ineffective: A significant portion of budget increases are allocated to staff training, with 68% of organizations focused on this effort, highlighting that investments in upskilling in-house staff are increasing, even though they may not be a sufficient approach to preventing security incidents today and into the future.

“This research highlights the critical need for a transformative shift in how we approach healthcare cybersecurity,” says Chris Bowen, Founder & Chief Information Security Officer of ClearDATA. “As cyber threats in healthcare grow increasingly frequent and complex, relying on outdated strategies is no longer an option. Organizations must step up their game on security and compliance—or risk being left vulnerable. The good news is that powerful solutions and expert partners are available. By taking decisive action and leveraging specialized cloud security expertise tailored to healthcare, organizations can dramatically strengthen their defenses and safeguard their data and patients.”

“These findings reinforce and underscore everything we’re hearing from data security leaders in patient care organizations nationwide about the current state of cybersecurity,” says Mark Hagland, Editor-in-Chief of Healthcare Innovation. “The threats and actual attacks are intensifying, and all those involved in cybersecurity efforts in patient care organizations need to meet this moment in order to survive and thrive.”

To view the full report, visit cleardata.com. The survey was conducted in the United States by Endeavor Business Intelligence on behalf of ClearDATA and Healthcare Innovation. Endeavor emailed invitations to participate in an online survey to members of the Healthcare Innovation database. A panel of industry experts was also used to help with data collection. By May 20, 2024, Endeavor Business Intelligence had received 181 qualified responses to the survey.

About ClearDATA
ClearDATA is the leading healthcare-specialized, cloud managed security services provider offering security and compliance software purpose-built for healthcare and managed cloud operations, enabled by the powerful CyberHealth™ Platform. Our cloud security posture management (CSPM), managed detection and response (MDR) and cloud operations solutions offer full visibility, protection, automation, remediation, and enforcement of security and compliance measures to protect PHI and other sensitive healthcare data in the public cloud. To learn more about our expert teams, managed and professional services, and CSPM platform, visit cleardata.com.

Media Contact:
Erin Farrell Talbot for ClearDATA
917-232-9309
erin@farrelltalbot.com