CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway. Learn More

CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway. Learn More

Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

Microsoft Exchange Server Attacks
Stay protected against emerging threats
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
Awards and Accolades
Trustwave SpiderLabs Team
Trustwave Fusion Security Operations Platform
Trustwave Security Colony
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats
News Releases

New Trustwave Report Reveals Health Care Security Gaps

CHICAGO - October 13, 2015 - Trustwave® today released the 2015 Security Health Check Report-based on a survey of 398 full-time health care professionals-that quantifies the security snags and shortcomings facing the health care industry. According to the study, 91 percent of technical respondents believe criminals are increasingly targeting health care organizations; however, only 10 percent or less of their IT budget goes toward cybersecurity and protecting their patients' highly sensitive information.

The size of the global electronic healthcare record (eHR) system will grow at an annual rate of 5.5 percent and reach $22.3 billion by the end of 2015, up from $18.8 billion in 2012, according to a study by Accenture. With incentives from the federal Affordable Care Act to move away from paper records, organizations are increasingly adopting eHR systems to track patient information. As businesses make the shift, the expanding threat surface is creating a critical need for health care entities to test everything across databases, networks and applications.

"Today's health care industry is under attack. From hospitals to physicians to urgent care clinics, health care organizations are swimming in private data and must make security a priority in order to protect it," said Steve Kelley, senior vice president of product and corporate at Trustwave. "Security challenges are nothing new for any business but the level of distress exponentially increases when someone's life may actually depend on the protection of sensitive data."

Key findings in the 2015 Security Health Check Report from Trustwave include:

  • Health care under fire: 91 percent of technical respondents believe criminals are increasingly targeting health care organizations, compared to 77 percent of non-technical respondents who believe similarly.
  • Patients are a virtue: 79 percent of technical respondents and 77 percent of non-technical respondents are most concerned about losing patient data, above other types of information, if their organization is breached.
  • Cognitive disconnect: 77 percent of non-technical respondents believe criminals are increasingly targeting health care organizations, but an overwhelming majority (86 percent) believe their organization has not experienced a breach.
  • No compromise over compromised data: 74 percent of technical respondents are concerned about their organization getting breached, compared to 51 percent of non-technical respondents.
  • Security expertise gap: 35 percent of technical respondents said their company does not have enough staff and security expertise dedicated to security.
  • Guessing, not testing: More than a third (34 percent) of technical respondents say their business performs vulnerability testing just once a year.
  • Under the knife: Nearly a quarter (23 percent) of technical respondents said their organization has experienced a breach, yet studies have shown the rate to be much higher.
  • Fatal budget diagnosis: Half of technical respondents said 10 percent or less of their overall IT budget goes toward cybersecurity. And 27 percent reported their annual security budget has not changed in the past year.
  • Don't blame us: 65 percent of non-technical respondents believe that external threats pose more of a concern than insider threats (35 percent).
  • Health care lacks the cure: A quarter of non-technical respondents believe their organizations don't have incident response plans.

To obtain as complete a perspective as possible, the report is organized into two sections: One features technical respondents (predominantly CIOs, CISOs, IT managers, IT directors and IT vice presidents), while the other features non-technical respondents (predominantly doctors, nurses, senior executives, board members, office managers, office administrators, and finance professionals).

To download a complimentary copy of the report, which includes a list of recommendations for health care organizations, visit: New Trustwave Report Reveals Health Care Security Gaps


Trustwave commissioned a third-party research firm to survey 398 full-time health care professionals. The objective of the survey was to measure the challenges facing health care organizations of all sizes and the security awareness and expectations of their employees. Survey takers consisted of 198 technical respondents and 200 non-technical respondents. The survey was deployed through emails and analyzed in September 2015. Results have a margin of error of +/- 5 percent.

About Trustwave

Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. More than three million businesses are enrolled in the Trustwave TrustKeeper® cloud platform, through which Trustwave delivers automated, efficient and cost-effective threat, vulnerability and compliance management. Trustwave is headquartered in Chicago, with customers in 96 countries. For more information about Trustwave, visit


All trademarks used herein remain the property of their respective owners. Their use does not indicate or imply a relationship between Trustwave and the owners of such trademarks.

Latest News Releases

Trustwave Named a Major Player in New IDC MarketScape on Worldwide Cybersecurity Consulting Services

CHICAGO – April 3, 2024 – Trustwave, a leading cybersecurity and managed security services provider, was named a Major Player in the IDC MarketScape: Worldwide Cybersecurity Consulting Services 2024...

Read More

Trustwave Adds Threat Intelligence as a Service to its Offensive Security Offering Portfolio

CHICAGO – April 2, 2024 – Trustwave , a global cybersecurity and managed security services leader, today announced the launch of Trustwave Threat Intelligence as a Service (TIaaS). Trustwave TIaaS...

Read More

Trustwave Welcomes General Availability of Microsoft Copilot for Security

Chicago — April 1, 2024 — Trustwave, a leading cybersecurity and managed security services provider, today celebrates the general availability (GA) of Microsoft Copilot for Security. Trustwave was a...

Read More