LevelBlue, a managed security services, strategic consulting, and threat intelligence provider, recently released its 2025 Spotlight Report: Cyber Resilience and Business Impact in Healthcare, which highlights how the healthcare industry protects itself from increasingly sophisticated cyberattacks.
To learn more about cybersecurity in the healthcare industry, Channel Insider sat down with Theresa Lanowitz, Chief Evangelist at LevelBlue, for a broader discussion about the report findings.
Nearly half of healthcare executives report a higher volume of attacks
Among the key highlights of the report is the finding that 32 percent of healthcare executives surveyed stated that their organization had suffered a breach in the past 12 months. Meanwhile, 46 percent reported experiencing a significantly higher volume of attacks.
AI has been a significant part of the equation for organizations when it comes to cybersecurity, as threat actors increasingly utilize it to become more efficient in their attacks and for social engineering purposes. However, only 29 percent of healthcare executives said they’re prepared for AI-powered threats, despite 41 percent believing they will occur.
Lanowitz attributes the high breach rate among healthcare organizations to a lack of cybersecurity as a business requirement, with only 43 percent of healthcare organizations allocating a cybersecurity budget to every project.
“They’re not able to take as much risk in terms of innovation, and this could be where some of the breaches come from as well, because they’re not really taking that adaptive approach to cybersecurity,” said Lanowitz. “They’re not necessarily focused on bringing in a lot of trusted third-party advisors to really help them along the way. Cyber resilience plays a big factor in terms of the entire organization coalescing together in the event of some type of cyber incident, a man-made incident, or some type of natural disaster.”
Lanowitz recommends leveraging the support of channel partners
Being more reactive than proactive is a recipe for cyber disaster, for which executive leadership at healthcare organizations needs to be wary. The good news is that cyber resilience measures are becoming more integral to business operations, as the report found that 61 percent of healthcare organizations are now aligning their cybersecurity teams with lines of business.
About 44 percent expect to enlist managed security service providers (MSSPs) in the next two years– an increase from 30 percent over the past 12 months. By bringing in trusted third-party experts and MSSPs, it frees up internal IT teams from having to look at every alert that’s coming in.
“You, as the customer of the MSSP, can go off and you can focus on far more strategic concerns, such as aligning your cybersecurity team with the line of business,” said Lanowitz. “Use those MSSPs to act as that strategic extension of your team.”
MSSPs provide 24/7 coverage and leverage emerging technologies to identify patterns and indicators of compromise for your business. Choosing the right MSSP depends on the organization’s specific requirements and benefits from a strategic relationship between the two entities.
The next steps for keeping healthcare secure lie in a proactive and strategic approach to technology
While healthcare organizations are making progress in integrating cybersecurity across their operations, there is still work to be done, according to the report by LevelBlue. The report identifies the extent to which organizations are investing in certain measures to prepare for new and emerging types of cyber threats. Executives surveyed are most likely to invest in:
- Generative AI for social engineering attacks (28 percent)
- Cyber resilience processes across the business (26 percent)
- Application security (25 percent)
- Machine learning for pattern matching (24 percent)
- Zero Trust Architecture (15 percent)
To better prepare for current cybersecurity threats, organizations should conduct a self-assessment to determine their most significant risk and the type of attack they’re least prepared for.
“We know that only 38 percent of healthcare organizations have formalized incident response plans in place, so the last thing you want to do is to deal with formulating an incident response plan in the midst of having some sort of impact on that entire IT estate, especially in healthcare,” said Lanowitz. “Proactive and intentional instead of reactive and transactional.”
LevelBlue notes that organizations should be focused on cyber resilience in four ways:
- Push cyber resilience up the organization
- Embed cybersecurity responsibilities throughout the organization
- Be proactive, not reactive
- Prioritize resilience in the software supply chain
Interested parties can take a look at the complete findings of the 2025 LevelBlue Spotlight Report: Cyber Resilience and Business Impact in Healthcare.
As AI-powered cyber threats become increasingly prevalent, organizations will need faster incident response and streamlined recovery processes. Read more about an expanded partnership between Commvault and CrowdStrike to build stronger cyber resilience worldwide.