Arcserve Global Study Finds Healthcare Industry’s Ransomware Protection Efforts Need a Prevention Intervention


Arcserve has released the findings from our annual independent global research focusing on the status and experiences of the healthcare sector relating to data protection, data disaster recovery, and ransomware readiness. 

We commission these studies to keep our finger on the pulse of what our customers and partners deal with in the real world. The results help us understand the risks they face and their efforts toward prevention. 

More importantly, in this case, the results spotlight the healthcare sector's data protection gaps, vulnerabilities, and misconceptions. These issues can hinder a healthcare organization’s ability to safeguard and recover its data. 

If you’re responsible for ensuring your healthcare organization doesn’t face downtime or data loss, the research results should be a caution flag that motivates you to reexamine your prevention efforts. And those efforts need to consider everything from malicious attacks to data outages resulting from human errors to natural disasters.

Healthcare Is the Number One Ransomware Target (and the Impacts are Immense)

Sadly, the research found that healthcare is targeted most of all industry sectors by ransomware. Almost half—45 percent—of respondents said they experienced a ransomware attack in the past 12 months.

Those healthcare organizations that suffered an attack paid a steep price, with 83 percent of ransom demands between $100,000 and $1 million. Even more painful, 67 percent of those victims paid the ransom. Still, 45 percent didn’t recover their data after the ransomware attack. 

Protection Against Ransomware Depends on Disaster Recovery 

The research also uncovered a wealth of areas for improvement regarding data protection and disaster recovery. Most healthcare IT departments—82 percent—don’t have an up-to-date disaster recovery plan. That’s a vast vulnerability alone. Without a plan, recovery may not even be possible. 

Read our recent post, “The 5-Step Ransomware Disaster Recovery Plan Template,” as a starting point if your plan isn’t current. 

Misconceptions Expose Vulnerabilities

Nearly 75 percent of respondents believe data backed up to a public cloud is safer than data backed up on-premises. And more than 50 percent of respondents believe the cloud provider is responsible for recovering their data.

Neither is so. While cloud providers have robust data security measures, as Microsoft states, under the shared responsibility model, “You are responsible for protecting the security of your data and identities.” And, while on-premises data storage may be vulnerable to some degree, access can be an issue if you depend solely on the cloud for data storage. 

Fight Back With Unified Data Resilience

Arcserve recommends that your healthcare organization adopt a transformative Unified Data Resilienceapproach to prepare you for any data disaster. This approach gives you the tools to ensure fast, effective recovery if you are hit by ransomware.

“In the face of the growing number and sophistication of ransomware attacks, the healthcare industry continues to grapple with inadequate data protection and recovery mechanisms,” said Vitali Edrenkine, Chief Marketing Officer at Arcserve. “An ounce of prevention may be worth a pound of cure—but our latest market research shows that many healthcare institutions have neither when it comes to ransomware resilience. A robust backup and disaster recovery strategy is critical for healthcare organizations to build resistance to malicious attacks."

Get Expert Guidance

Arcserve technology partners are experts who can help you put the optimal ransomware prevention and data protection solutions in place for your healthcare organization’s unique needs.

Find an Arcserve technology partner here.