cyber
TRENDS
Healthcare far surpasses the global average in sensitive data
• Rubrik observed that healthcare organisations secure 22 % more data than the global average
• A typical healthcare organisation saw their data estate grow by 27 % last year
• A typical healthcare organisation has more than 42 million sensitive data records – 50 % more sensitive data than the global average of 28 million
• Sensitive data records in observed healthcare organisations grew by more than 63 % in 2023 – far surpassing any other industry and more than five times the global average ( 13 %)
Ransomware produces outsized impacts against healthcare
• Ransomware attacks against observed healthcare organisations have an estimated impact of almost five times more sensitive data than the global average
• This equates to an estimated 20 % of a typical healthcare organisation ’ s total sensitive data holdings impacted every time there is a successful ransomware encryption event , compared to 6 % for an average organisation
• Virtualisation really matters for healthcare and ransomware : 97 % of all encrypted data in Rubrik observed healthcare organisations last year occurred within virtualised architecture compared to 83 % across all industries
As cloud becomes more widely adopted , new security blind spots emerge
• Organisations are becoming more dependent on the cloud . In 2023 , Rubrik observed that cloud architecture stored 13 % of an organisation ’ s data , compared to 9 % in 2022 . Comparatively , on-premises declined from 77 % in 2022 to 70 % in 2023
• Of the external organisations victimised in a cyberattack in 2023 , many were attacked across multiple aspects of their hybrid environment with 67 % of attacks impacting SaaS data , 66 % for the cloud , and 51 % for onpremises locations
• The cloud comes with inherent risk based on security blind spots and vulnerable sensitive data , according to Rubrik Telemetry :
• Blind spot # 1 : 70 % of all data in a typical cloud instance is object storage , which typically has a far lower security coverage compared to other areas
• Blind spot # 2 : 88 % of all data in object storage is not confirmed as machine readable or covered by prominent security technologies and services
• Blind spot # 3 : More than 25 % of object storage data is subject to regulatory or legal requirements , such as protected health information ( PHI ) and personally identifiable information ( PII )
Ransomware continues to wreak havoc across organisations – and IT and security teams
• 94 % of IT and security leaders reported their organisation experienced a significant cyberattack last year , and on average faced 30 attacks in that timeframe . One-third of these victims endured at least one ransomware attack
• 93 % of external organisations that endured a ransomware attack reported paying a ransom demand , with 58 % of these payments motivated primarily by threats to leak stolen data
• 96 % of senior IT and security leaders reported changes to their emotional and / or psychological state as a direct result of a cyberattack , with 38 % worrying over job security
• Leadership changes increased following cyberattacks , reported by 44 % of organisations – up from 36 % in Rubrik Zero Labs ’ Fall 2022 report The State of Data Security : The Human Impact of Cybercrime .
Rubrik Zero Labs , the company ’ s data security research unit formed to analyse the global threat landscape , reports on emerging data security issues to give organisations research-backed insights and best practices to secure their data against increasing cyber-events .
The more we talk about cyberthreats like ransomware , and its impact on industries like healthcare , the more we can collaborate to minimise the risk calculus .
WWW . INTELLIGENTCISO . COM 21