A new report by Fortified Health Security reveals that over 90% of healthcare organizations experienced a cyberattack in the past year, with 70% reporting disruptions to patient care. While healthcare providers have improved in areas like system recovery, incident response, and identity management, major vulnerabilities remain. The top five risks include lack of a unified risk strategy, outdated asset inventories, weak supply-chain oversight, poor training, and overreliance on new technology while neglecting legacy systems. These gaps, according to Fortified, continue to make hospitals attractive targets for ransomware attacks. The 2024 Change Healthcare breach highlighted the industry’s vulnerability to hidden but critical vendors. Despite recent progress, managing aging infrastructure remains a key challenge. The report draws from Fortified’s work with North American healthcare entities—from rural hospitals to large academic centers—between 2023 and mid-2025, using NIST Cybersecurity Framework-based scoring. Strengthened risk preparedness, Fortified concludes, remains essential to protecting care delivery and patient safety.
16-07-2025