Skip to Main Content

Press Release

Arete and Cyentia release report revealing data-driven insights on Ransomware for Healthcare Organizations

Healthcare Sector Ransomware Spotlight Highlights Top Mitigations and Controls to Increase Cyber Resilience

Arete, a leading global cyber risk management company, released the first report in a series of Sector Ransomware Spotlights, in collaboration with cybersecurity research firm Cyentia. The report, focused on the healthcare sector, explores the most prolific ransomware families, ransom demand and payment trends, and the most impactful controls and mitigation tactics.

The data for this research comes directly from over 1,500 ransomware events investigated by Arete, of which the healthcare sector accounted for 13 percent.

Download the Healthcare Ransomware Sector Spotlight.

Key findings within the report:

  • Healthcare organizations had a 7% likelihood of paying a ransom.
  • Less than one in four healthcare organizations has MFA in place, while just over half report performing regular backups.
  • Having an EDR platform in place results in stronger protection and a reduced likelihood of paying a ransom.
  • Just because a ransomware family exists one day does not mean that it will exist with the same name or operate under the same capacity the next day.
  • Data encryption is the top technique used for impact. To mitigate the risk of data exfiltration, user training and data backups are two key controls to consider.

The report offers actionable takeaways for healthcare organizations as well as the cyber insurance professionals insuring these organizations. The data reveals the top ransomware variant impacting healthcare organizations changes from year to year, but what has not changed is that phishing is the most common way threat actors gain initial access to these organizations. Having multiple controls in place allows an organization to leverage the most negotiating power and is also an efficient way for insurance brokers to evaluate potential risk.

“Healthcare organizations are often targets of ransomware because the presence of sensitive information, including PII and PHI, can increase the likelihood of ransom payment,” said Arete’s Chief Data Officer, Chris Martenson. “In this report, we highlighted insights to educate these organizations on ransomware trends and how to protect their data. In today’s digital-first world, it is pivotal for healthcare organizations to build cybersecurity teams in-house or collaborate with a third-party security partner to implement effective mitigation tactics and controls,” Martenson added.

Download the Healthcare Ransomware Sector Spotlight.

About Arete

Arete transforms the way organizations prepare for, respond to, and prevent cybercrime. With decades of industry experience, our team combines hundreds of investigative, technical, and cyber risk management practitioners with best-in-class data and software engineers. This elite team of experts provides unparalleled capabilities to address the entire cyber incident life cycle, from incident response and restoration to advisory managed security services. We bring a relentless passion for innovation and a commitment to stopping cybercrime. We partner with the largest global insurance carriers, brokers, law firms, businesses, governments, and educational institutions in responding to incidents and charting a course to efficient and effective cyber resiliency.

To learn more, visit


Name: Annemarie Cyboron

Email: [email protected]

Phone: +1-646-907-9767