HIMSS Research: How Cybersecurity Priorities Have Shifted in Response to COVID-19

A 2021 report by HIMSS outlines the most pressing concerns for security leaders, what they anticipate over the next several years, the investments and adaptations they plan to make and mitigation strategies they will establish.

2021 State of Cybersecurity Report: The COVID-19 Evolution was conducted in January 2021 to understand how cybersecurity priorities have shifted in response to COVID-19.

Of the survey’s respondents, 16 percent said they have evidence that over the past 12 months a security event resulted in financial loss; 19 percent said a hack or breach of a virtual meeting or telehealth appointment definitely or likely took place.

Among the various technologies used by their organizations, 84 percent of respondents said email — the most commonly used technology solution — introduces security or cybersecurity risk. And 70 percent said telehealth — the second-most commonly used technology solution — increases risk.

For three in four respondents, shifts in response to COVID-19 have increased the size or complexity of the computing edge.

This research was conducted online among IT security or cybersecurity decision-makers employed at U.S. hospitals, health systems and ambulatory care organizations. A total of 131 qualified respondents participated in this research.

Cybersecurity concerns have always been top of mind for security leadership, especially as healthcare organizations continue to combat prevalent ransomware attacks. COVID-19 has increased risk with an exponential rise in telehealth and remote patient monitoring use.

The rapid push to make these technologies interoperable with healthcare organizations’ existing information systems has opened the door to new channels of data vulnerabilities and altered the size and shape of their computing edge. Three in four respondents believe their organization needs to be spending more on cybersecurity in the next 2 to 3 years, though just 40 percent expect the necessary funding level to be reached. 

Learn more about the 2021 State of Cybersecurity Report.