Summary Bullets:

• A recent RiskRecon study of 1,454 serious ransomware cases finds that healthcare provider organizations account for more than 18% of these incidents, by far the most targeted sector.

• Geography was not a factor with healthcare providers under fire around the globe.

As an industry, healthcare is not exactly known as information technology-forward. The sector lags other verticals in IT adoption and innovation outside of medical technology, extending to cybersecurity where gaps in controls have rendered healthcare institutions vulnerable to ransomware and other types of attacks. Recently published research from risk management provider RiskRecon bears this out, showing that more than any other segment, healthcare providers are targeted in what the company terms “destructive ransomware events” in which the compromised institution’s operations are disrupted because of encryption of essential systems. The study, examining 1,454 destructive ransomware events that have occurred between 2016 and 2023, find that even if an organization has an excellent security posture itself, if there are any vulnerabilities in its supply chain, then it could be successfully targeted.

Continue reading “Healthcare Organizations Struggle to Evade Ransomware” →