tostphoto - stock.adobe.com

Healthcare Organizations Increase IT Budgets As Cybersecurity Concerns Rise

As healthcare organizations continue to focus on digital transformation, IT budgets are steadily increasing to reflect cybersecurity challenges and cloud deployment goals.

Catalyzed by ongoing technological innovation and the COVID-19 pandemic, the healthcare sector has steadily increased its digital transformation efforts in recent years. Cloud adoption, telehealth, and automation are now commonplace across the industry.

As the healthcare sector enters the next phase of digital transformation, IT budget priority data can provide key insights into what’s to come. TechTarget’s 2023 IT Priorities Study, which represents responses from 132 healthcare technology decision-makers across the world, revealed that 41 percent of healthcare organizations are planning to increase their IT budgets.

As companies brace for an economic downturn, the following focus areas remain top-of-mind for healthcare IT decision-makers.

Application, Network, Identity-Related Security Investments

More than 60 percent of respondents identified cybersecurity as a technology initiative that has become “significantly more important” to their organization’s future over the past two years. This is unsurprising, considering reports of advanced cyber threat groups targeting healthcare. What’s more, 39 million individuals have been implicated in healthcare data breaches reported to HHS in the first six months of 2023 alone.

With security as the number one factor impacting healthcare provider purchases, organizations appear to be turning their attention to investments in tools pertaining to application security, network security, SecOps, and identity.

Nearly half of the survey respondents pointed to vulnerability management technologies as an application security initiative that they plan to deploy in the next 12 months.

“Proactive security measures like vulnerability management are experiencing higher rates of attention as security teams prepare for increased breach attempts during the looming economic downturn,” the study noted.

In terms of network security, healthcare organizations reported a strong interest in firewalls, network traffic analysis, and secure remote access technology. Meanwhile, in the SecOps space, IT decision-makers have been turning their attention to SIEM technologies, endpoint security, and threat intelligence.

Given the prevalence of phishing in the healthcare sector, healthcare IT decision-makers are investing in email security tools at high rates, along with data privacy and identity governance and encryption. In the identity space, multi-factor authentication adoption remains high, as well as single-sign-on and privileged account management.

Focus On Cloud Security

Forrester’s State of Cloud in Healthcare 2023 report revealed that 73 percent of surveyed organizations were using multiple public cloud providers. Researchers found that cloud decision-makers at healthcare organizations are spending $9.5 million annually across clouds on average.

TechTarget’s data aligns with the rising popularity of cloud adoption. Nearly 30 percent of respondents reported plans to invest in hybrid cloud deployments in the next 12 months. In addition, 27 percent of respondents reported planned investments in off-premises cloud infrastructure.

Cloud technologies can help organizations streamline processes, maintain business continuity, and even improve security, if implemented properly. As such, healthcare organizations also reported prioritizing a variety of cloud security initiatives in the coming months, including cloud data loss prevention and cloud visibility and monitoring investments.

As healthcare organizations continue to implement new cloud infrastructures and cloud-based storage, a focus on cloud security is necessary to ensure compliance and data privacy.

People, Process, Culture Remain Top Security Considerations

Investments in cybersecurity tools can go a long way. However, IT buyers also cited the importance of bolstering their organization’s security posture via workforce training, process improvements, and maintaining a culture of cybersecurity.

Nearly 3 out of 4 survey respondents reported focusing on expanding security training efforts, and nearly a third of respondents reported increasing budgets for training security staff. Gamification, leveraging various mediums, and collaborating across the business to improve security are proven ways to increase security awareness and reach a variety of audiences.

On the process improvement side, healthcare IT decision-makers expressed plans to improve security visibility and monitoring across their organizations, reduce third-party risk exposure, and further their organization’s trust strategies.

In terms of culture-related activities, respondents reported plans to expand training efforts for corporate employees, raise the critical importance of security to board members and improve collaboration across teams.

Overall, the responses indicated that healthcare IT decision-makers are focused on not only investing in the technologies that will help them digitally transform, but also the people and processes that are equally crucial to a successful and secure digital transformation.

Next Steps

Dig Deeper on Cybersecurity strategies