More than a third (34%) of healthcare leaders don’t know what data is at risk across their network.

Nearly half (46%) of healthcare executives say they are experiencing a significantly higher volume of attacks.

54% of healthcare organizations surveyed still rely on manual in-house processes to handle compliance management.

28% of healthcare executives say they are likely to invest in generative AI for social engineering attacks.

More than half (56%) of healthcare leaders say outdated infrastructure would delay breach recovery.

Nearly 1 in 5 of healthcare organizations lack a current or effective incident response plan.

19% of healthcare leaders say a cyberattack has already disrupted patient care.

In healthcare, 52% of organizations cite compliance with AI regulations as a major challenge.

Social engineering attacks (48%) and ransomware (34%) were the most common types of cyberattacks on healthcare organizations in the past year.

25% of healthcare executives say they are likely to invest in application security.

Nearly two-thirds of healthcare organizations surveyed maintain an in-house IT or cybersecurity team.

In the past year, 80% of healthcare organizations were targeted by at least one cyberattack.

54% of healthcare executives say they have very low to moderate visibility into the software supply chain.

The average cost of a healthcare data breach has reached $9.8 million. This average cost is nearly twice as high as the cross-industry average of $4.45 million, according to industry reports.

Medical identity theft victims face $13,500 in average costs and 200+ hours of resolution.

Over 259 million Americans — roughly 81% of the population — had their protected health information (PHI) compromised in 2024.

Nearly half of small healthcare practices lack sufficient cyber insurance

70% of patients say they would consider switching providers after a data breach.

Healthcare (9.3%) was the 5th most targeted industry.

Healthcare has 11.8% employee AI adoption.