Arcserve Survey: Healthcare Industry’s Ransomware Defenses Need More Preventative Action
September 2023 by Arcserve
Arcserve released findings from its annual independent global research focusing on the healthcare sector’s approach and experience of data protection, recovery, and ransomware readiness. The findings reveal gaps, vulnerabilities, and misconceptions in the healthcare sector, potentially hindering its ability to effectively safeguard and recover data in the event of malicious attacks and accidental data outages stemming from human error or natural events.
Key findings include:
• Prevalence: across all industry sectors, healthcare was the most targeted by ransomware attacks
o 45% of healthcare respondents experienced a ransomware attack in the past 12 months.
• Impact: high ransom demands, no guarantee of recovery
o 83% of ransom demands were between $100,000 - $1M
o 67% paid the ransom
o 45% did not recover all their data after ransomware attacks
Against this threat backdrop, there were apparent preparedness weaknesses
• 82% of healthcare IT departments lack an updated disaster recovery plan
• Nearly 75% of respondents believe data backed up to a public cloud is safer than data backed up on-prem
• More than 50% of respondents mistakenly believe the cloud provider is responsible for recovering their data
Said Vitali Edrenkine, Chief Marketing Officer at Arcserve: "In the face of growing number and sophistication of ransomware attacks, the healthcare industry continues to grapple with inadequate data protection and recovery mechanisms. An ounce of prevention may be worth a pound of cure – but our latest market research shows that when it comes to ransomware resilience, too many healthcare institutions have neither. A robust backup and disaster recovery strategy is critical for healthcare organizations to build resistance to malicious attacks."
Arcserve advocates for a transformative ’unified data resilience’ approach within the healthcare sector to bolster preparedness. By adopting a unified data resilience strategy, organizations strengthen their defensive posture and have the necessary tools to expedite data recovery in the aftermath of ransomware attacks.