When Ransomware Wreaks Havoc on Hospitals

Dayton Children's Hospital CIO J.D. Whitlock shares insights on cybersecurity in healthcare, including managing ransomware threats.
1 min read
Last updated June 4, 2025
Megan Garza and J.D. Whitlock

Welcome to Speed Data: Quick Conversations With Cybersecurity Leaders. Like speed dating, our goal is to capture the hearts of CISOs with intriguing, unique insight in a rapid format for security professionals pressed for time.

This week, our guest is J.D. Whitlock, the Chief Information Officer at Dayton Children's Hospital. With a background in the military, healthcare administration, and IT, J.D. offers an in-depth perspective on the importance of cybersecurity in healthcare. Read on to learn how he minimizes the damage at his hospital when ransomware rears its ugly head.

 

The repercussions of ransomware

Healthcare is one of the most highly targeted sectors by ransomware, and the effects of an attack can be widespread and crippling. When not only critical data but also lives are at stake, security couldn’t be more important, said J.D. Whitlock, the Chief Information Officer for Dayton Children's Hospital.

“In healthcare, we are very concerned about ransomware attacks,” he said.

A ransomware attack that takes a hospital down for a period of weeks can result in significant interruptions to care.

J.D. Whitlock, Dayton Children's Hospital CIO

 

J.D. recognizes that no matter how much an organization prioritizes data security, it’s not a matter of if a breach will occur but when.

“In today's environment, you're never going to stop the bad guys from getting over that first wall with the sophistication of an attacker getting past MFA,” he said. “So, we are always doing everything we can to defend our environment and keep the bad guys out of the family jewels.”

A rewarding role

Though J.D. has been working in information technology for more than two decades, his path to CIO almost didn’t happen.

“I certainly didn't start out in information technology,” J.D. said. “I started as a naval officer, driving ships around for a while, then I got a master's in healthcare administration.”

“After a while, I got into the IT side of healthcare administration, and now, I’ve been doing it for 25 years.”

And though J.D. and his team don’t work directly with the injured or ill, their behind-the-scenes efforts help contribute to patient care.

In our field, you get the benefit of helping the caregivers take care of patients.

J.D. Whitlock, Dayton Children's Hospital CIO

 

“It's certainly a rewarding career in terms of being excited to come to work every day,” he said.

What should I do now?

Below are three ways you can continue your journey to reduce data risk at your company:

1

Schedule a demo with us to see Varonis in action. We'll personalize the session to your org's data security needs and answer any questions.

2

See a sample of our Data Risk Assessment and learn the risks that could be lingering in your environment. Varonis' DRA is completely free and offers a clear path to automated remediation.

3

Follow us on LinkedIn, YouTube, and X (Twitter) for bite-sized insights on all things data security, including DSPM, threat detection, AI security, and more.

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.

Keep reading

Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

creating-custom-gpts-and-agents-that-balance-security-and-productivity
Creating Custom GPTs and Agents That Balance Security and Productivity
Custom GPTs and AI agents compound productivity, but with that comes added risk. Learn about ChatGPT's custom GPTs and how to build them with data security in mind.
from-snowden-to-signalgate:-what-we-still-haven’t-fixed-in-cybersecurity
From Snowden to Signalgate: What We Still Haven’t Fixed in Cybersecurity
Explore major data breaches, their common thread, and practical solutions for data-centric security.
varonis-incident-response:-preventing-pii-exposure-in-box 
Varonis Incident Response: Preventing PII Exposure in Box 
Learn how the Varonis Incident Response team prevented PII from being compromised, and what this means for data in cloud collaboration platforms like Box.
how-to-prepare-for-major-shift-in-chatgpt-enterprise-data-access
How to Prepare for Major Shift in ChatGPT Enterprise Data Access
ChatGPT Enterprise is changing in the way it retrieves data and surfaces information to users in prompt responses. Learn about the new connectors and risks.