Ponemon Institute
Sign Up for the Ponemon News Feed for special reports and important updates regarding privacy and security

News & Updates

Ponemon Institute is pleased to announce the release of Flipping the Economics of Attacks, sponsored by Palo Alto Networks. In this study, we look at the relationships between the time spent and compensation of today’s adversaries and how organizations can thwart attacks. As revealed in this research, while some attackers may be motivated by non-pecuniary reasons, such as those that are geopolitical or reputational, an average of 69 percent of respondents say they are in it for the money.


Nearly 90 Percent of Healthcare Organizations Suffer Data Breaches, New Ponemon Study Shows

May 12, 2016, 9:10 am


Criminal attacks from the outside and negligence from the inside continue to put patient data in the crossfire, the newly released Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data reveals. For the sixth year in a row, data breaches in healthcare are consistently high in terms of volume, frequency, impact, and cost. Nearly 90 percent of healthcare organizations represented in this study had a data breach in the past two years, and nearly half, or 45 percent, had more than five data breaches in the same time period.

Estimates based on the results of this study suggest that breaches could be costing the healthcare industry a walloping $6.2 billion. The average cost of data breaches for covered entities surveyed is now more than $2.2 million while average cost to business associates in the study is more than $1 million.

Once again, criminal attacks are the leading cause of data breaches in healthcare—50 percent for healthcare organizations, a five-percent increase from last year’s study. Internal problems such as mistakes—unintentional employee actions, third-party snafus, and stolen computing devices—account for the other half of data breaches. In 2016, ransomware, malware, and denial-of-service (DOS) attacks are the top cyber threats facing healthcare organizations.

The full report can be found at

Warmest regards,

Dr. Larry Ponemon
Chairman & Founder
Ponemon Institute

Security (23)
Privacy (22)
global security (1)
Providers (1)