Canadian Security Magazine

Virtual Summits
Focus On Healthcare Security Event 2021
December 2, 2021 at 1:00pm ET

2:50pm – 3:00pm
Case Study: Metallic

Speaker: Zack Brigman, Sr. Product Marketing Manager at Metallic, A Commvault Venture

Ransomware & Healthcare: Key Data Protection Considerations for Today's Business

Is There a Cure for Ransomware in the Healthcare Industry?

Dealing with the reality of targeted attacks in healthcare
Ransomware is an ugly fact of our increasingly digital and interconnected industries, especially those dealing with more strict regulatory oversight, like healthcare. Like many businesses, healthcare organization are at risk, and providers often struggle to figure out the best way to keep their medical files and patient data safe from breaches. Since 2016, over 1,500 healthcare organizations have been victims of successful ransomware attacks.1

Why so? Healthcare institutions are responsible for administering critical patient care and maintain highly sensitive data. Interruptions to operations can have severe impact on a provider’s ability to treat patients and can often warrant 8-figure ransoms to re-gain access to files and networks. And that payout doesn’t even guarantee cybercriminals will restore your data, leaving the provider dealing with corrupted patient records, impaired administrative effectiveness, revenue loss, and mounting regulatory fines and lawsuits. In fact, last year alone, ransomware alone cost healthcare providers $20.8 billion in downtime.2

Why is healthcare a prime target?
The very nature of healthcare’s data and interconnected networks make it a top target. Providers are trying to integrate new technologies and digital-first initiatives to better serve patients, but increased reliance on SaaS apps and cloud, among other trends, make safeguarding patient data more complicated than ever. And with fragmented internal productivity tools, separate applications and support for different facilities and disparate data storage properties, the surface area for attackers is growing.

What’s worse is that bad attackers recognize the value of sensitive medical data, as well as the crisis that holding healthcare data hostage can cause, motivating providers to potentially pay out the financial demands to restore critical patient care as quickly as possible. Unfortunately, even if a ransom is paid, the threat often doesn’t stop there. Once a healthcare organization is victimized by a breach, it often ends up being targeted in the future with different, or more sophisticated attack schemas.

What’s the cure for healthcare ransomware?
The ransomware readiness requires a proactive and layered approach. Healthcare organizations can take significant steps in their ransomware readiness strategy by implementing solutions that not only help prevent attack, but safeguard data in the event of a breach. Data management solutions, like Metallic, offer robust data protection capabilities and largely represent a providers last line of defense.

With Metallic DMaaS (data management-as-a-service), from Commvault, providers and institutions get enterprise-grade data protection, with the simplicity of SaaS. Built on a hardened, multi-layered approach to security, Metallic provides proven controls to both preserve data from external and internal threats, while ensuring data is highly available and recoverable. And with broad coverage across your entire estate, Metallic breaks down data silos to comprehensively protect data from a single solution. IT enables today’s healthcare providers to better protect their data, detect risks early, and recover fast – to mitigate this risk of a successful breach.

Metallic ransomware data protection provides healthcare organizations: 

  • A hardened, multi-layered approach to security to protect and preserve data from external and internal threats
  • Breadth of coverage on-premises and cloud environments
  • Compliance to be compatible to meeting internal requirements, retention SLAs, and prevailing local, global, regional and government data handling standards (such as HIPAA)

Learn how Metallic delivers a proven approach for healthcare organization’s data security.

Contact us at

1. Health IT Security February 2020. “Ransomware attacks cost healthcare sector at least $160m since 2016.”
2. Becker’s Health IT, July 28, 2021. “Ransomware attacks cost healthcare orgs $20.8B in 2020.”