SANS Institute has invited participants to complete its second information security survey, available until October 8, 2014.
The survey aims to help take the healthcare industry to the next level with their risk management and security programs.
This year’s survey will re-examine some of the issues identified in 2013 to see if and how changes and improvements were made, including: have threats and risks changed since last year’s survey? Have IT groups updated their technologies and practices around their most critical systems identified in last year’s survey; and how are they improving/addressing their top priorities identified in 2013?
In SANS Institute’s first survey on the state of security in healthcare information systems, 373 respondents reported that their security healthcare security and risk management programs are primarily driven by compliance. They also reported that compliance isn’t working.
“Healthcare organizations and their partners are far behind the security curve compared to other industries,” said Barbara Filkins, author of the survey. “They need to better understand the risks of new technologies like e-Health, mobility and cloud-based exchanges, while also managing legacy systems and vulnerabilities, including in their connected medical devices.”
“Healthcare organizations are counting most on user awareness to improve their risk posture based on our 2013 survey,” added Deb Radcliff, executive editor of the SANS analyst program, which produced the survey. “SANS thinks relying so heavily on user education without involving other controls is not enough to protect these organizations from user-induced errors and threats.”
Click here to take the survey.
SANS Institute, US, Barbara Filkins
