Health-ISAC 2025 Health Sector Cyber Threat Landscape

Annual Threat Report – 2025

2024 was a challenging year in cybersecurity for health sector systems around the world.

The Health-ISAC 2025 Health Sector Cyber Threat Landscape highlights a continued escalation of cyberattacks. Key findings include a surge in ransomware attacks, with increasingly sophisticated techniques employed by threat actors.

The report also emphasizes the growing threat of nation-state actors and cyber-espionage, targeting sensitive patient data and intellectual property. Furthermore, the rise of Internet of Medical Things (IoMT) devices has introduced new vulnerabilities, while the evolving threat landscape necessitates continuous adaptation of security measures for health sector organizations globally.

Includes the following, plus key insights pulled from the survey data:

• Top Five Cyber Threats Health Sector Organizations Faced in 2024
• Top Five Cyber Threats Health Sector Organizations are looking at in 2025
• Top Three Challenges Medical Device Manufacturers reported in developing secure medical devices
• Top Three Impacts on Healthcare Delivery Organizations

Health ISAC 2025 Annual Threat Report
Size : 7.1 MB Format : PDF

• Related Resources & News
• Potential Terror Threat Targeted at Health Sector – AHA & Health-ISAC Joint Threat Bulletin
• New Cybersecurity Policies Could Protect Patient Health Data
• CyberWire Podcast: PHP flaw sparks global attack wave
• Health-ISAC Hacking Healthcare 3-14-2025
• HSCC Aiming to Identify Healthcare Workflow Chokepoints
• New Healthcare Security Benchmark Highlights Key Investment Priorities and Risks
• Are Efforts to Help Secure Rural Hospitals Doing Any Good?
• CISA cuts $10 million annually from ISAC funding for states amid wider cyber cuts
• 2024 Health-ISAC Discussion Based Exercise Series After-Action Report
• Cobalt Strike takedown effort cuts cracked versions by 80%