As we wrap up another year and get ready for 2025 to begin, it is once again time for everyone’s favorite annual tradition of Health IT Predictions! We reached out to our incredible Healthcare IT Today Community to get their insights on what will happen in the coming year and boy did they deliver. We in fact got so many responses to our prompt this year, that we have had to narrow them down to just the best and most interesting. Check out the community’s predictions down below and be sure to follow along as we share more 2025 Health IT Predictions!
Check out our community’s Healthcare Cybersecurity predictions:
Bill Murphy, Director of Security and Compliance at LeanTaaS
As we enter 2025, AI is revolutionizing cyber threats in concerning ways. Cybercriminals are leveraging AI to craft highly persuasive phishing campaigns that overcome traditional red flags. With AI tools, attackers, especially those operating from outside the U.S., can generate highly convincing messages without easy-to-spot indicators like poor grammar or awkward phrasing. By analyzing targets’ digital footprints, AI enables highly personalized attacks that are increasingly indistinguishable from legitimate communications. The accessibility of AI tools has dramatically lowered barriers to entry for cybercrime, enabling less sophisticated actors to launch complex attacks that previously required significant technical expertise and resources.
Deepfake technology presents another critical threat, with AI-generated video and voice content enabling unprecedented impersonation attacks. Recent incidents involving fake video calls and voice cloning demonstrate the technology’s potential for sophisticated fraud. Perhaps most concerning is how AI’s perceived authority may lead users to accept its outputs without verification. As organizations integrate AI systems, they face a dual challenge: protecting against AI-enabled attacks while ensuring employees maintain critical thinking and verification practices rather than defaulting to blind trust in AI-generated content.
Joel Burleson-Davis, SVP Worldwide Engineering, Cyber at Imprivata
Identity security challenges in healthcare will make way for a passwordless future. A new GAO report revealed that the Department of Health and Human Services has faced challenges mitigating cybersecurity risks in the healthcare sector. One of the biggest struggles has been identity security, largely attributed to hospitals balancing large workforces, contractors, billing systems, strict compliance and privacy regulations, and the need for quick, always-on access to patient data across multiple shared devices.
While healthcare remains a top target for breaches, next year I anticipate an acceleration in the shift toward passwordless, whether it is adopting passwordless technology or preparing to adopt it, authentication across the healthcare industry. Passwordless authentication is an important step along the path to enhanced security and workflow efficiency, moving organizations from password-based access to fully passwordless workflows over time. For example, masking passwords from users significantly reduces cyber risks and improves clinical workflows today, getting rid of the password entirely only improves that benefit. By adopting passwordless authentication tailored to diverse healthcare workflows, organizations can protect sensitive data, boost operational efficiency, and enhance patient care.
Kel Pults, DHA, MSN, RN-BC, NREMT, Chief Clinical Officer and VP Government Strategy at MediQuant
In 2025, healthcare organizations are likely to significantly increase budgets for cybersecurity and infrastructure projects in response to the large breaches of recent years. This heightened focus on data protection may drive greater adoption of SaaS models. Organizations will also prioritize gap analyses to identify vulnerabilities, addressing both external threats from bad actors and internal risks, whether intentional or inadvertent. By proactively strengthening defenses and mitigating risks, healthcare providers can better safeguard their systems and maintain trust in an increasingly challenging digital environment.
Ty Greenhalgh, Industry Principal of Healthcare at Claroty
Critical vulnerabilities in healthcare’s supply chain pose significant risks to patient care. Proactively identifying and securing these choke points is essential to minimizing disruption and safeguarding vital resources. The recent attacks on organizations like Change Healthcare and One Blood highlight the importance of understanding and protecting these critical facilities. The need to address weaknesses in the healthcare supply chain is more pressing than ever for these organizations.
By mapping out the workflows and dependencies within the healthcare supply chain, especially focusing on third-party access, organizations can pinpoint areas of vulnerability and implement robust security measures. This includes segmenting the supply chain, identifying connections, and reviewing access credentials. If Change Healthcare had mapped out and understood the access their third-party vendors had, the detrimental impacts of this breach could have been significantly reduced.
To be prepared for evolving threats in 2025, healthcare organizations must adopt a proactive approach to security. By thoroughly mapping out third-party access points and continuously reviewing security protocols, providers can significantly reduce the severity of attacks and ensure continuity of care and the availability of essential medical supplies.
Tony Lauro, Senior Director, Security Technology and Strategy at Akamai Technologies
As we move into 2025, the healthcare industry faces a growing threat from ransomware attacks, with far-reaching consequences, as we saw in this year’s cyberattack on Ascension Hospitals. Healthcare organizations highly value reputation and attackers know they will pay to avoid controversy. Conversely, rural hospitals, in particular, will become increasingly attractive targets due to the desperation factor, which significantly influences the likelihood of ransom payments. Once considered “off limits,” healthcare facilities under immense stress and with limited resources are expected to become prime targets for cybercriminals.
Petros Efstathopoulos, VP of Research at RSAC
Healthcare IT will overhaul identity management in 2025 with AI and ‘decentralized identity.’ In 2025, healthcare IT will face increasing pressure to modernize their identity security protocols to combat increasing cyber threats and meet operational demands. The Change Healthcare ransomware attack, which stemmed from a lack of MFA, highlighted the urgent need for stronger identity protections. And as AI-powered tools become central to healthcare, AI-driven IAM will be crucial for securely managing human and machine identities.
Patient-centric access controls enabling granular data privacy protections will also be key to maintaining trust and regulatory compliance. While decentralized digital identity approaches are still in the early stages, they offer a glimpse of a more secure, interoperable future for the industry. Healthcare leaders who invest in advanced IAM now will strengthen their defenses and position organizations for long-term success in an increasingly connected and risky ecosystem.
Michael McNerney, SVP of Security at Resilience
2025 is shaping up to be the most challenging year on record for the healthcare industry when it comes to cybersecurity. Health plans, providers, insurers, and others are facing a perfect storm: the new presidential administration has injected renewed uncertainty around policy and regulation; the Change Healthcare attack and subsequent fallout have emboldened other eager hacking groups; continued digitization and interconnectedness have been shown to open up new points of failure simply waiting to be exploited; and an expected rise in M&A in the sector has the potential to introduce entirely new kinds of vulnerabilities as two companies come together. It’s not all doom and gloom, though.
Often, a perfect storm like this is, unfortunately, exactly what’s needed for an industry to wake up to the reality of today’s cyber threat landscape, then act accordingly to pull themselves together and invest in safeguards and thorough risk management strategies that they may have previously lacked. Airlines had their own security wake-up call over the summer after the CrowdStrike outage; while that doesn’t necessarily mean I predict a 2025 outage of that magnitude for the healthcare sector, I do believe that the challenges facing healthcare now are so novel and dangerous that we may very well end up seeing a more resilient version of the industry by 2026.
Cecil Pineda, SVP, Chief Information Security Officer at R1
By 2025, the rise of digital tools, AI, and automation in revenue cycle management will amplify the need for robust cybersecurity measures. Providers must deploy advanced threat detection and real-time monitoring systems to protect sensitive patient and financial data from increasingly sophisticated cyberattacks. Integrating proactive security protocols and automated responses will safeguard revenue cycle operations from breaches and downtime, ensuring compliance and preserving trust. These measures will be essential to maintaining the integrity of healthcare financial systems in an interconnected, high-tech landscape.
David Deas, CTO at Red Rover Health
The escalating threat of cyberattacks in healthcare will demand a proactive approach to data security in 2025. Organizations will prioritize advanced cybersecurity frameworks to safeguard sensitive patient and organizational data while maintaining trust. Seamlessly integrated security measures that protect systems without disrupting workflows will become a baseline requirement as healthcare continues to digitize and expand its reliance on interconnected networks.
Robert Bobel, Founder and CEO at Cayosoft
Nation-state-run ransomware groups will sharpen their focus on critical infrastructure organizations and their supply chains. In early 2024, we saw ransomware groups shed what ethics they had to target large organizations that served critical functions for society – Change Healthcare and Ascension Healthcare being prime examples. Traditionally considered off-limits as targets, the disruption and urgency caused by such attacks create Catch-22 scenarios in which targets more reliably paid high ransoms for quick resolutions. For this reason, I expect we’ll see increasingly daring ransomware attacks against critical infrastructure targets in 2025. In response, we’ll see a sharp increase in disaster recovery demand to complement the defense solutions on the frontlines.
Richard Wallace, Cyber Security Threat Analyst at Vercara
In the past year alone, nearly 400 healthcare institutions were successfully hit by ransomware. Healthcare organizations have become lucrative targets for cybercriminals due to the value of their nature, considering things like sensitive data and protected health information (PHI), the urgent need for data access, the use of legacy systems and software, and critical, time-sensitive services. In 2025, we’ll likely see increasing threats in the sector, but on a larger scale, as attackers become more sophisticated and use more advanced techniques like AI to make detection more difficult for security teams. Organizations must improve visibility across the network, endpoints, devices, and partners to keep pace with more attacks next year. Organizations should also consider using enhanced access controls and DNS solutions to counteract attacks like ransomware.
Yuval Wollman, Chief Cyber Officer at UST
In 2025, cybersecurity will be the top business function benefiting from AI, and analysts report they are seeing time savings of 40% on core tasks, including investigation. Specifically for incident response, Generative AI will augment security operations teams to boost detection capabilities and reduce the alert backlog analysis within the SOC. Furthermore, it will continue to enable healthcare security professionals without a full developer skill set to perform detection-as-code-related tasks, enhancing the overall efficiency and effectiveness of security operations teams for healthcare organizations.
This, in turn, will reduce the Mean Time to Detect (MTTD) as well as the Mean Time to Resolve (MTTR), a crucial task when these metrics have a real-world impact on human safety and patient care. While healthcare data will always be valuable to attackers, healthcare organizations in 2025 will reduce the likelihood of a breach through Cyber Threat Intelligence (CTI) services that reveal any exposed security risks. In particular, CTI leads automatically correlate with environmental logs to help identify suspicious behaviors early, and analysis of C2 architecture and metadata can assist further.
Additionally, if the worst occurs, healthcare organizations can limit the fallout from an attack by prioritizing the development of an incident response plan and working with outsourced MDR/MXDR vendors to fill gaps in expertise and resources. This also allows them to leverage the latest advancements in AI and automation without spending time and resources to build or develop in-house. With so many fires to fight (79% of security teams say they currently have 500 or more alerts open), there is no longer a way to ensure a truly risk-free enterprise environment. Instead, what McKinsey dubbed a risk-based model for security back in 2019 will be more crucial in 2025 than ever.
Anand Naik, CEO at Sequretek
As healthcare’s reliance on digital systems deepens, cybersecurity in 2025 must tackle the complexities of interconnected networks managing patient data. AI-powered security will transform threat detection, utilizing machine learning models trained on global intelligence feeds to recognize and mitigate cyber risks in real-time. Generative AI will accelerate proactive threat hunting and attack path analysis, addressing vulnerabilities before breaches occur. Autonomous parsing and advanced contextual analytics will simplify threat identification across diverse endpoints, including IoT devices and telehealth platforms. Zero-trust frameworks will integrate with AI-driven capabilities, ensuring continuous verification at every access point.
Blockchain-inspired solutions, combined with AI-driven attack surface management, will secure data interactions, enhancing both transparency and resilience. Leveraging extensive threat intelligence, healthcare systems can pre-emptively defend against sophisticated attacks while ensuring data integrity. By embedding these robust AI and blockchain-enabled security measures, healthcare providers will demonstrate a solid commitment to protecting patient information. This approach will foster patient trust and ensure safe, resilient operations in a rapidly evolving digital landscape.
Steve Cagle, CEO at Clearwater
In 2025, healthcare organizations will continue to advance their cybersecurity and risk management programs, building on the progress we’ve seen. Many have already embraced industry best practices, conducting business impact analyses to identify critical systems, developing robust continuity plans, and practicing incident response. Those lacking internal resources are partnering with expert providers to strengthen their defenses.
Next year, we expect broader adoption of these proactive measures as awareness grows among business leaders, making cyber risk management a priority. Organizations will increasingly invest in long-term strategies to tackle evolving threats and secure both legacy and emerging technologies. However, progress won’t be universal. Healthcare remains a critical infrastructure sector, and we cannot depend solely on voluntary action. Anticipate new regulations, enhanced enforcement, and potential funding initiatives, especially for underserved hospitals, to drive accountability and ensure patient safety in an era of growing cyber.
Vijaya Krishna Veeravalli, Senior Vice President – Cloud Engineering at AGS Health
In 2025, the healthcare sector’s cybersecurity landscape will be shaped by evolving ransomware tactics, increased regulatory pressures, and the integration of advanced AI-driven defenses. As the threat of ransomware attacks pose risks and disruptions to operations and patient care, healthcare providers will need to adopt proactive measures to prevent service delays and protect patient safety. Financial impacts will likely escalate, with healthcare organizations not only incurring direct ransom demands but also higher costs related to compliance, cybersecurity improvements, and reputational recovery. AI will play a larger role in cybersecurity, with new AI-powered tools providing enhanced detection and automated response capabilities.
However, as AI itself becomes a target for cybercriminals, healthcare IT leaders must implement rigorous oversight to manage these tools responsibly. To stay resilient, organizations should prioritize advanced strategies like network segmentation, vulnerability disclosure policies, and regular third-party assessments. Additionally, proactive approaches, such as reducing dependence on legacy systems, applying multi-factor authentication, and maintaining a strict security patch schedule, will be critical to maintaining robust defenses against both established and emerging threats.
Heather Randall, PhD, Chief Compliance Officer at TrustCommerce, a Sphere Company
With healthcare organizations constantly under threat of data breaches and cybersecurity incidents, they must continue to take new steps to protect themselves against the increasing sophistication of these threats. For example, AI offers new ways for bad actors to illegally access sensitive data, making it imperative that providers and staff members limit access to patient data, evolve their risk analyses to adapt to the changing threat landscape, and regularly review their control environment to ensure it’s appropriate to their level of risk.
Ganesh Nathella, Senior Vice President and General Manager – HLS Business at Persistent Systems
By 2025, the intersection of AI and cybersecurity will redefine how healthcare systems protect sensitive data. As healthcare networks grow more complex, AI will become indispensable in detecting and neutralizing threats in real-time. For instance, machine learning algorithms can flag anomalies, such as unauthorized access to patient records or unusual activity on IoT devices, before damage occurs. Zero-trust frameworks, already a critical part of today’s cybersecurity strategies, will continue to evolve and become more pervasive, ensuring every access point, from wearables to telehealth platforms, is continuously verified.
Additionally, blockchain-inspired technologies may emerge as a standard, offering transparent and tamper-proof data interactions. Imagine a system where every patient data access or modification is logged immutably, ensuring trust and compliance. These advancements are not just about preventing breaches; they’re about reinforcing patient trust. A secure digital environment is critical for the adoption of innovative care models, making cybersecurity a cornerstone of healthcare’s future.
Navroop Mitter, CEO at ArmorText
As companies, venture capitalists, and other stakeholders come to terms with the inevitability of breaches, investments in post-breach preparedness will rise substantially. While regulatory mandates are driving compliance, venture capitalists are recognizing an under-served market: post-breach resilience. Previously dominated by pre-breach cybersecurity tools, the investment landscape is shifting. Organizations, witnessing gaps in their response capabilities following breaches, are increasingly prioritizing incident response planning and testing. This trend is expected to make post-breach resilience the new cornerstone of cybersecurity strategies.
Investments in out-of-band preparedness for incident response and business continuity will also multiply significantly. During incident response, organizations often find themselves unprepared for taking communications out of band securely, a critical gap that leaves them vulnerable. Effective response relies on communications continuity, and organizations will increasingly look to bolster their capabilities to ensure safe and secure out-of-band communication not only for cybersecurity professionals but also to support broader operational resilience across the enterprise.
Thank you so much to everyone who took the time out of their day to submit a prediction to us and thank you to all of you for taking the time to read this article! We could not do this without all of your support. What do you think will happen for Healthcare Cybersecurity in 2025? Let us know on social media. We’d love to hear from all of you!
Be sure to check out all of Healthcare IT Today’s Healthcare Cybersecurity content and our other 2025 Health IT Predictions.
No comments:
Post a Comment