By Jeff Wardon, Jr., Assistant Editor

Cyberattacks remain a real threat to healthcare facility operations as they can knock out IT systems, disrupt patient care and cost organizations millions of dollars. Keeping abreast of the current cyber threat trends is key to mounting an effective defense.  

According to Huntress’ 2025 report,  one-third of IT professionals reported that data breaches were their number one concern for 2025. Meanwhile, IT professionals also noted they were concerned about threats such as phishing (19 percent) and ransomware (15 percent). Supply chain attacks (five percent) were one of the least common concerns. 

The most common cyber incidents that organizations experienced in the last year were phishing attacks (40 percent). Other types included data breaches (20 percent), malware (19 percent), denial-of-service (DoS) attacks (12 percent) and ransomware attacks (12 percent). However, 37 percent of respondents reported no cybersecurity incidents whatsoever. 

Related Content: The Double-Edged Sword of AI in Healthcare Cybersecurity

Respondents said the biggest hurdles to adequate cybersecurity in healthcare include: 

• Keeping up with evolving threats – 45 percent 
• Data privacy concerns – 44 percent  
• Regulatory compliance – 28 percent 
• Third-party risk management – 28 percent 
• Budget constraints – 26 percent 
• Outdated systems – 24 percent 
• Integration challenges – 21 percent 
• Lack of employee cybersecurity awareness training – 20 percent 
• Resistance to change from employees or leadership – 15 percent 
• Difficulty hiring qualified cybersecurity professionals – 14 percent 

Improving the cybersecurity procedures for a healthcare organization is critical to successfully defending against cyber threats. Huntress recommends the following methods for protection: 

• Implement multi-factor authentication (MFA) 
• Regularly conduct cybersecurity training 
• Use endpoint detection and response (EDR) solutions 
• Patch systems regularly 
• Segment networks 
• Conduct routine security assessments 
• Back up data regularly 
• Develop a cyber incident response plan 

Jeff Wardon, Jr., is the assistant editor of the facilities market.