New Ponemon Institute Study Finds that Cyberattacks Cause More Than Twenty Percent of Impacted Healthcare Organizations to Experience Increased Mortality Rates


The average total cost for the most expensive cyberattack experienced was $4.4 million, including $1.1 million in lost productivity

SUNNYVALE, Calif., September 8, 2022 - Proofpoint, Inc., a leading cybersecurity and compliance company, and Ponemon Institute, a top IT security research organization, today released the results of a new study on the effect of cybersecurity in healthcare. The report, “Cyber Insecurity in Healthcare: The Cost and Impact on Patient Safety and Care,” found that 89% of the surveyed organizations experienced an average of 43 attacks in the past 12 months, almost one attack per week. More than 20% of the organizations suffering the four most common types of attacks—cloud compromise, ransomware, supply chain, and business email compromise (BEC)/spoofing phishing—experienced increased patient mortality rates.

This study, which surveyed 641 healthcare IT and security practitioners, found that the most common consequences of attacks are delayed procedures and tests, resulting in poor patient outcomes for 57% of the healthcare providers and increased complications from medical procedures for nearly half of them. The type of attack most likely to have a negative impact on patient care is ransomware, leading to procedure or test delays in 64% of the organizations and longer patient stays for 59% of them.

“The attacks we analyzed put a significant strain on healthcare organizations’ resources. Their result is not only tremendous cost but also a direct impact on patient care, endangering people’s safety and wellbeing,” said Larry Ponemon, chairman and founder of the Ponemon Institute. “Most of the IT and security professionals regard their organizations as vulnerable to these attacks, and two-thirds believe that technologies such as cloud, mobile, big data, and the Internet of Things—which are all seeing increased adoption—further increase the risks to patient data and safety.”

Other key findings of the report are that:

  • The insecure Internet of Medical Things (IoMT) is a top concern. Healthcare organizations have an average of more than 26,000 network-connected devices. While 64% of respondents are concerned about medical device security, only 51% include them in their cybersecurity strategy.

  • Healthcare organizations feel both most vulnerable to and most prepared for cloud compromise. Seventy-five percent of respondents say their organizations are vulnerable to a cloud compromise, and 54% of respondents say that in the past two years their organizations experienced at least one cloud compromise. Organizations within this group experienced an average of 22 such compromises in the past two years. But just as they are the most vulnerable, organizations are also the most prepared for a cloud compromise, with 63% focused on taking steps to prepare for and respond to these attacks.

  • Ransomware is the second-biggest vulnerability. Seventy-two percent of those surveyed believe their organizations are vulnerable to a ransomware attack, and 60% say this is the type of attack that concerns them the most. Consequently, 62% have taken steps to prevent and respond to ransomware.

  • Low preparedness puts patients at risk. Although 71% of participants feel they are vulnerable to supply chain attacks, and 64% feel the same about BEC and spoofing phishing, only 44% and 48% have a documented response to those attacks, respectively.

  • Financial costs of cyberattacks are tremendous. The single most expensive cyberattack cost an average of $4.4 million in the past 12 months, with productivity loss creating the most significant financial impact ($1.1 million).

  • Training and awareness programs, along with employee monitoring, are the top two defenses. Organizations recognize careless and negligent employees pose a significant risk. Fifty-nine percent address employees’ lack of awareness, with 63% of them conducting regular training and awareness programs and 59% monitoring employee actions.

  • Lack of funding and resources continues to be a challenge. Fifty-three percent of participants said a lack of in-house expertise is a challenge and 46% said they lack sufficient staffing, with both deficiencies negatively affecting cybersecurity posture.

“Healthcare has traditionally fallen behind other sectors in addressing vulnerabilities to the growing number of cybersecurity attacks, and this inaction has a direct negative impact on patients’ safety and wellbeing,” said Ryan Witt, healthcare cybersecurity leader, Proofpoint. “As long as cybersecurity remains a low priority, healthcare providers will continue to endanger their patients. To avoid devastating consequences, healthcare organizations must understand how cybersecurity affects their patient care and take the steps toward better preparedness that protects people and defends data.”

To download Cyber Insecurity in Healthcare: The Cost and Impact on Patient Safety and Care, please visit:

For more information on Proofpoint’s healthcare solutions, please visit:

About Proofpoint, Inc.

Proofpoint, Inc. is a leading cybersecurity and compliance company that protects organizations’ greatest assets and biggest risks: their people. With an integrated suite of cloud-based solutions, Proofpoint helps companies around the world stop targeted threats, safeguard their data, and make their users more resilient against cyber attacks. Leading organizations of all sizes, including 75 percent of the Fortune 100, rely on Proofpoint for people-centric security and compliance solutions that mitigate their most critical risks across email, the cloud, social media, and the web. More information is available at


Proofpoint is a registered trademark or tradename of Proofpoint, Inc. in the U.S. and/or other countries. All other trademarks contained herein are the property of their respective owners.

Estelle Derouet
Proofpoint, Inc.