Healthcare Organizations Lose 20% of their Sensitive Data in Every Ransomware Attack, Reports Rubrik Zero Labs
- Healthcare organizations experienced 50% more encryption events than the global average across 2023
- Cloud continues to drive inherent risk and security blind spots as 70% of all data is typically not machine readable by security appliances
- Leadership changes following cyberattacks are on the rise, with major personnel changes reported by 44% of organizations — up from 36% in 2022.
Rubrik Zero Labs’ new “The State of Data Security: Measuring Your Data’s Risk” report offers insights on real-world risks against data as the pace and volume of cyber events continues to increase globally, aided by the explosion of data in the cloud and the realities of modern computing environments.
“Despite the fallout of cyberattacks dominating headlines, data risk is an issue that continues to be murky — especially in terms of what security teams can actually change and what they cannot,” said
Healthcare Far Surpasses the Global Average in Sensitive Data
- Rubrik observed that healthcare organizations secure 22% more data than the global average.
- A typical healthcare organization saw their data estate grow by 27% last year.
- A typical healthcare organization has more than 42 million sensitive data records — 50% more sensitive data than the global average of 28 million.
- Sensitive data records in observed healthcare organizations grew by more than 63% in 2023 — far surpassing any other industry and more than five times the global average (13%).
- Ransomware attacks against observed healthcare organizations have an estimated impact of almost five times more sensitive data than the global average.
- This equates to an estimated 20% of a typical healthcare organization's total sensitive data holdings impacted every time there is a successful ransomware encryption event, compared to 6% for an average organization.
- Virtualization really matters for healthcare and ransomware: 97% of all encrypted data in Rubrik observed healthcare organizations last year occurred within virtualized architecture compared to 83% across all industries.
As Cloud Becomes More Widely Adopted, New Security Blind Spots Emerge
- Organizations are becoming more dependent on the cloud. In 2023, Rubrik observed that cloud architecture stored 13% of an organization’s data, compared to 9% in 2022. Comparatively, on-premises declined from 77% in 2022 to 70% in 2023.
- Of the external organizations victimized in a cyberattack in 2023, many were attacked across multiple aspects of their hybrid environment with 67% of attacks impacting SaaS data, 66% for the cloud, and 51% for on-premises locations.
-
The cloud comes with inherent risk based on security blind spots and vulnerable sensitive data, according to Rubrik Telemetry:
- Blind spot #1: 70% of all data in a typical cloud instance is object storage, which typically has a far lower security coverage compared to other areas.
- Blind spot #2: 88% of all data in object storage is not confirmed as machine readable or covered by prominent security technologies and services.
- Blind spot #3: More than 25% of object storage data is subject to regulatory or legal requirements, such as protected health information (PHI) and personally identifiable information (PII).
Ransomware Continues to Wreak Havoc across Organizations — and IT and Security Teams
- 94% of IT and security leaders reported their organization experienced a significant cyberattack last year, and on average faced 30 attacks in that timeframe. One-third of these victims endured at least one ransomware attack.
- 93% of external organizations that endured a ransomware attack reported paying a ransom demand, with 58% of these payments motivated primarily by threats to leak stolen data.
- 96% of senior IT and security leaders reported changes to their emotional and/or psychological state as a direct result of a cyberattack, with 38% worrying over job security.
- Leadership changes increased following cyberattacks, reported by 44% of organizations — up from 36% in Rubrik Zero Labs’ Fall 2022 report “The State of Data Security: The Human Impact of Cybercrime.”
To read the full report, visit https://rubrik.com/zero-labs.
Report Methodology
“The State of Data Security: Measuring Your Data’s Risk” report by
The survey supplemented Rubrik telemetry, looking at more than 6,000 clients across 22 industries and 68 countries. The data includes over 42 exabytes of secured logical storage and more than 38 billion sensitive data records from January through
About Rubrik
Rubrik (NYSE: RBRK) is on a mission to secure the world’s data. With Zero Trust Data Security™, we help organizations achieve business resilience against cyberattacks, malicious insiders, and operational disruptions. Rubrik Security Cloud, powered by machine learning, secures data across enterprise, cloud, and SaaS applications. We help organizations uphold data integrity, deliver data availability that withstands adverse conditions, continuously monitor data risks and threats, and restore businesses with their data when infrastructure is attacked.
For more information please visit www.rubrik.com and follow @rubrikInc on X (formerly Twitter) and Rubrik on LinkedIn.
View source version on businesswire.com: https://www.businesswire.com/news/home/20240430451358/en/
Source: Rubrik