[fusion_builder_container hundred_percent=”no” hundred_percent_height=”no” hundred_percent_height_scroll=”no” hundred_percent_height_center_content=”yes” equal_height_columns=”no” menu_anchor=”” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” class=”” id=”” background_color=”” background_image=”” background_position=”center center” background_repeat=”no-repeat” fade=”no” background_parallax=”none” enable_mobile=”no” parallax_speed=”0.3″ video_mp4=”” video_webm=”” video_ogv=”” video_url=”” video_aspect_ratio=”16:9″ video_loop=”yes” video_mute=”yes” video_preview_image=”” border_size=”” border_color=”” border_style=”solid” admin_toggled=”no”][fusion_builder_row][fusion_builder_column type=”1_1″ layout=”1_1″ spacing=”” center_content=”no” link=”” target=”_self” min_height=”” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” class=”” id=”” background_color=”” background_image=”” background_position=”left top” background_repeat=”no-repeat” hover_type=”none” border_size=”0″ border_color=”” border_style=”solid” border_position=”all” padding_top=”” padding_right=”” padding_bottom=”” padding_left=”” margin_top=”” margin_bottom=”” animation_type=”” animation_direction=”left” animation_speed=”0.3″ animation_offset=”” last=”no”][fusion_text columns=”” column_min_width=”” column_spacing=”” rule_style=”default” rule_size=”” rule_color=”” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” class=”” id=””]

CynergisTek’s Annual Report Lifts the Veil on Healthcare System and the State of Cybersecurity Distress; Supply Chain Proves to be Major Vulnerability

AUSTIN, TX (September 17, 2020) – Today, CynergisTek, a leading cybersecurity firm helping more than 1,000 hospitals navigate emerging security and privacy issues, released their new annual report, “Moving Forward: Setting the Direction.” The third annual report revealed that only 44 percent of providers across the continuum, including hospital and health systems, conformed to protocols outlined by the National Institute of Standards and Technology’s Cybersecurity Framework (NIST CSF) – with scores in some cases trending backwards since 2017.

Analysts examined nearly 300 assessments of providers across the continuum, including hospitals, physician practices, ACOs and Business Associates assessed by CynergisTek against the NIST CSF.

The report also found that healthcare supply chain security is one of the lowest ranked areas for NIST CSF conformance. This is a critical weakness, given that COVID-19 demonstrated just how broken the healthcare supply chain really is with providers buying PPE from unvetted suppliers

CynergisTek’s report revealed bigger healthcare institutions with bigger budgets didn’t necessarily perform better when it comes to security, and in some cases, performed worse than smaller organizations or those that invested less. In some cases, this was a direct result of consolidation where systems directly connect to newly-acquired hospitals without first shoring up their security posture and conducting a compromise assessment.

Leading factors influencing performance include poor security planning and lack of organizational focus, inadequate reporting structures and funding, confusion around priorities, lack of staff and no clear plan.

To overcome these challenges, key strategies to bolster healthcare security and achieve success include:

About Methodology

CynergisTek’s Annual Report and the rankings are based on aggregating maturity ratings of nearly 300 security risk assessments performed by CynergisTek in 2019, using the NIST Cyber Security Framework as the benchmark standard.  Based on those assessments and using a six-point scale (using 0 – 5, with 0 – Incomplete to 5 – Optimized Process), the team examined if processes were in place to meet desired outcomes and continuously improved to achieve current and projected goals. All of the subjects of this analysis were also measured against the HIPAA Security Rule. CynergisTek calculated the national average of the nearly 300 assessments, which accounts for providers across the entire continuum of care including Business Associates, Critical Access Hospitals, and Academic Medical Centers, Health Systems, Physician Groups and Payers.

About CynergisTek

CynergisTek is a top-ranked cybersecurity firm dedicated to serving the information assurance needs of the healthcare industry. CynergisTek offers specialized services and solutions to help organizations achieve privacy, security, and compliance goals. Since 2004, the company has served as a partner to hundreds of healthcare organizations and is dedicated to supporting and educating the industry by contributing to relevant industry associations. The company has been recognized by KLAS as a top-performing firm in healthcare cybersecurity and was awarded the 2019 Top Healthcare Cybersecurity Consultants in Black Book IT Advisory Outcomes Survey.


Media Contact:
Allison + Partners
Jaime Tero