The healthcare sector is particularly vulnerable to cybersecurity risks and the stakes for patient care and safety are particularly high. Healthcare facilities are attractive targets for cyber criminals in light of their size, technological dependence, sensitive data, and unique vulnerability to disruptions. Strengthening our cybersecurity infrastructure and defending against malicious attacks requires vigilance, vision, and collaboration. Can AI help improve healthcare security?
We asked our experts what improvements to security we might see in 2025. Here is what they had to say. And check out all our prediction posts looking to 2025
Chris Bowen, Chief Information Security Officer & Founder, ClearDATA
LinkedIn: Chris Bowen, CISSP, CCSP, CIPP-US, CIPT
AI Will Be Critical for Threat Detection and Response.
By 2025, AI will become an essential tool for healthcare cybersecurity. AI-driven platforms will detect, analyze, and mitigate threats in real time, significantly reducing response times and the risk of breaches. Spoiler Alert: the bad guys will be stepping up their AI game as well!
Healthcare Will See a Surge in Ransomware Attacks Targeting Cloud Systems.
The rise in cloud adoption will attract cybercriminals, making cloud environments a prime target for sophisticated ransomware attacks. Attackers will exploit misconfigurations, phishing campaigns, and third-party vendor vulnerabilities to compromise cloud-based systems.
Cyber Resiliency Will Be a Competitive Differentiator.
By 2025, healthcare organizations with robust cyber resiliency strategies will gain a competitive edge. Patients and partners will gravitate toward organizations demonstrating strong data protection, operational continuity, and a proven ability to recover quickly from cyber incidents.
Michael Combs, President & CEO, CorVel Corporation
LinkedIn: Michael Combs
In 2025, prominent, general-purpose LLMs will rise to the surface, and organizations will increasingly start to use AI as a utility, where data is their fuel. Paired with new data sets comes an emphasis on data privacy, security, and the use of generative AI. These technologies being more widely implemented in 2025 will drive an increase in regulations in local, state, and national jurisdictions across workers’ compensation and managed care.
Joe DeVivo, President and CEO, Butterfly Network
LinkedIn: Joe DeVivo
Cloud Security and Certifications
As healthcare data has become increasingly digitized and interconnected, concerns about data privacy and security have intensified, requiring a renewed focus on cloud security in healthcare technology. In the coming year, cloud security in healthcare will reach new heights, as companies that are leading the charge become the first to achieve certifications like StateRAMP in medical imaging. The trend toward robust cloud security and certifications in healthcare imaging is expected to accelerate in 2025, as more healthcare institutions recognize the benefits of cloud-based solutions. This shift will likely lead to improved data management, enhanced collaboration among healthcare professionals and, ultimately, better patient care through more secure and efficient medical technologies.
Jim Ducharme, CTO, ClearDATA
LinkedIn: Jim Ducharme
By 2025, AI is poised to play a transformative role in addressing healthcare security challenges. One of its key contributions lies in remediation and resolution acceleration. For example, AI can provide clear, actionable guidance on best practices to address specific vulnerabilities or misconfigurations in healthcare systems. While it may not fully automate the resolution of all cybersecurity issues, AI can prescribe solutions effectively. For instance, at ClearDATA, safeguards monitor misconfigurations and vulnerabilities, and AI suggests detailed steps for remediation. It even goes further, offering translations tailored to different operational preferences—such as converting manual fixes into cloud formation scripts for teams that manage their infrastructure through code. This adaptability ensures healthcare organizations can act quickly and precisely to mitigate risks.
AI’s ability to expedite vulnerability patching is another critical advancement. Speed has long been a challenge in cybersecurity, with delays in patching increasing exposure to risks. By using AI to streamline these processes, healthcare organizations can reduce their attack surface more effectively. As cyber threats grow in complexity and volume, AI’s role in guiding and accelerating security resolutions will be essential in safeguarding patient data and maintaining trust in healthcare systems.
Ryan Finlay, Principal Chief Information Security Officer, CereCore
LinkedIn: Ryan F.
As 2025 approaches, security remains a critical challenge for healthcare systems, with AI taking a pivotal role in defense strategies. After the major ransomware events of 2024, the healthcare sector will focus on adopting advanced technologies to protect sensitive data and connected medical devices. AI-powered tools enhance vulnerability detection across networks, improve asset visibility, and simplify risk management, particularly within the Internet of Medical Things (IoMT). However, while blockchain garners attention, its widespread adoption in healthcare is unlikely due to infrastructure and regulatory barriers. As cybersecurity threats evolve, AI’s ability to quickly analyze and respond to incidents will prove essential to safeguard healthcare environments.
Karen Kobelski, Vice President and General Manager of Clinical Surveillance Compliance & Data Solutions, Wolters Kluwer Health
LinkedIn: Karen Kobelski
In 2025, continuing staffing shortages, reliance on per diem or traveling staff, and high turnovers will require more vigilance on behalf of hospitals and health systems in monitoring controlled substances as new clinical teams may not be familiar with policies and procedures. Further, those who divert can more easily switch locations given today’s staffing models. For facilities with more consistent staff, employee wellness remains a priority, and identifying substance use disorder early can ensure employees receive the help they need as quickly as possible. AI-driven surveillance tools will become indispensable, identifying risks more proactively and streamlining investigations with precision and efficiency.
Dan Kompare, Vice President of Information Systems, Harmony Healthcare IT
LinkedIn: Dan Kompare
While Artificial Intelligence governance continues to be challenging given the rapid adoption, 2024 has brought a plethora of new product offerings to the market which leverage AI in ways that present a strong value proposition in risk mitigation. My prediction for 2025 is that market shift in backup, disaster recovery and data loss prevention toolsets will be using AI to move beyond the retroactive indicators of compromise — and position Cyber Security teams in a more activity-based alert. Refinement of false positives that often lead to alert fatigue will enable greater focus on actionable mitigation and proactive hygiene that strengthens resiliency and recoverability. This will become necessary as threat actors leverage similar techniques to rapidly create variants in the mission to avoid detection. Gen AI challenges traditional phishing training, to the extents of deepfake where educating users to verify in a separate communication channel is not enough.
Scott Littrell, Head of Technology Services, TruBridge
LinkedIn: TruBridge
Cybersecurity is an organization-wide responsibility, especially in healthcare, where the sensitivity of patient data makes the industry a prime target for social engineering attacks. This issue extends beyond the IT department and requires a unified effort across all levels of a hospital or health system.
AI has become a transformative tool in healthcare, streamlining operations and improving care delivery. However, it also serves as a double-edged sword, enabling attackers to enhance phishing tactics and make detection increasingly challenging.
To counter these risks, organizations must prioritize end-user education, simulate phishing scenarios internally, and implement robust incident response strategies, including playbooks and regular exercises. AI can also be used to minimize risk tied to human error and resource constraints through solutions that analyze patterns, detect anomalies and automate threat responses.
In 2025, healthcare organizations must proactively adopt new processes and solutions to protect patient data and maintain strong cybersecurity defenses.
Steve Mok, PharmD, MBA, BCPS, BCIDP, Manager of Pharmacy Services and Fellowship Director for Clinical Surveillance and Compliance, Wolters Kluwer Health
LinkedIn: Steve Mok, PharmD, MBA, BCPS, BCIDP
In 2025, worsening workforce shortages of pharmacists and pharmacy technicians will require healthcare organizations to be more creative in their staffing and service models to support patient care. While standardizing clinical practices will help ensure efficiency, technology that can run in the background, surveilling the clinical data and helping direct clinical attention and intervention will help improve patient and medication safety. Virtual care combined with these always-on platforms will mitigate the consequences of an alarming rise in “pharmacy deserts” and clinician shortages.
Brian Montgomery, Expert Security Engineer, Altera Digital Health
LinkedIn: Brian Montgomery
I honestly don’t think a significant number of healthcare organizations are going to consider using AI to be more secure on their own accord. That said, the security vendors healthcare organizations use to protect themselves will certainly be finding ways to implement AI into their products. While there will be legitimate use cases where these security vendors use AI to increase the protections afforded to paying customers, I think that the hype around AI right now will also result in poorly tacked-on AI that will have no significant impact on the quality of these security products. Organizations should assess the “why” and the “how” behind AI implementation in their security products and understand how the answers to these questions improve the security of the products they are buying and implementing.
Jon Moore, MS, JD, HCISPP SVP, Consulting Services & Client Success & Chief Risk Officer, Clearwater
LinkedIn: Jon Moore, MS, JD, HCISPP
AI has significant potential to enhance healthcare security in 2025 by enabling faster identification of critical risks through predictive analytics, detecting anomalies in real-time, automating routine security tasks, and analyzing vast amounts of threat intelligence to prepare for emerging threats. However, it’s essential to recognize that AI is a double-edged sword—it can also be exploited by threat actors to develop more sophisticated attacks, such as automating phishing campaigns or evading detection systems. Additionally, AI-enabled systems implemented by healthcare organizations introduce risks like data leakage, bias, and inaccurate outcomes, which are particularly concerning in clinical settings. Strong governance, clear policies, and adherence to frameworks like NIST’s AI Risk Management Framework are critical to mitigating these challenges. Thoughtful implementation can ensure AI becomes a force for good, strengthening security and keeping patients and their data safe.
Ashish Nagar, CEO, Level AI
LinkedIn: Ashish Nagar
- Organizations will prioritize secure, customizable AI solutions that protect sensitive customer data while still leveraging the power of advanced analytics.
- AI governance frameworks will become essential for enterprises to ensure ethical use of AI in patient interactions and decision-making processes.
- Regulatory compliance in AI will drive innovation in transparent, explainable AI models for customer service and healthcare contact center applications.
George Pappas, CEO, Intraprise Health
LinkedIn: George C. Pappas, CFCHE
AI will be a weapon wielded by both sides in the war between healthcare organizations and hackers intent on stealing their data. AI-powered tools enable the good guys to quickly identify patterns and vulnerabilities within their own organizations and, in some cases, those of their partners and vendors, allowing them to address issues more effectively than ever before. However, hackers are using AI to develop more sophisticated and clever attacks. It is an escalating AI arms race with no end in sight.
Cecil Pineda, Chief Information Security Officer and Senior Vice President, R1
LinkedIn: Cecil P.
In 2025, the increasing reliance on digital tools, automation, and AI in revenue cycle management will elevate the importance of cybersecurity measures. Providers will need to adopt advanced threat detection and data security monitoring systems powered by AI to safeguard sensitive patient and financial data against advanced cyber threat actors and groups – who are also utilizing advanced AI tools to develop their attacks. Providers can lead the charge by integrating proactive security protocols, real-time monitoring, leading-edge technologies, and automated responses to protect revenue cycle operations from breaches and downtime. These efforts will ensure compliance, build patient trust, and preserve the integrity of critical healthcare financial systems in an increasingly interconnected environment.
Lance Reid, CEO, Telcion Communications Group
LinkedIn: Lance Reid
AI will significantly impact healthcare cybersecurity in 2025, both positively and negatively. On the positive side, AI will streamline security operations by automating routine tasks, such as analyzing vast amounts of alerts, allowing security professionals to focus on more complex and strategic challenges.
However, AI’s capabilities will also be leveraged by cybercriminals, enabling them to automate attacks with greater precision and scale. This dual-edged nature of AI will require healthcare organizations to stay vigilant, adopting AI-driven defenses to counter increasingly sophisticated threats. As AI reshapes the cybersecurity landscape, balancing its risks and benefits will be critical to safeguarding patient data.
Rahul Sharma, CEO, HSBlox
LinkedIn: Rahul Sharma
With increased investments in cloud infrastructure and digital tools, the need for robust cybersecurity processes and systems is going to increase. The Change Healthcare ransomware attacks in 2024 that crippled the healthcare industry highlighted the weaknesses and vulnerabilities of many healthcare infrastructures, platforms and solutions. There will continue to be significant investments in the field of cybersecurity and stringent audit requirements for anyone that deals with healthcare data, access rights, data transfer, reporting and workflows. A good way to identify and implement controls is via annual certifications of SOC 2 Type II, HITRUST, FedRAMP, CMMC and NIST. While these are a critical aspect of good cyber hygiene, a robust and routine training and awareness program that promotes employee awareness is essential. For platforms and solutions, the implementation of Zero Trust Frameworks will continue to see massive adoption. Zero Trust works on the principle that no user, device, or application should be trusted by default, even if they are within the network perimeter. A key first step in applying this model is the implementation of micro-segmentation to ensure that interactions between entities are highly secured by isolating different parts of the network. Continuous network traffic monitoring and anomaly detection are important to identify and prevent potential breaches, unauthorized access attempts, malware infections, and other suspicious activities. Controlling access to data and managing authentication, authorization, encryption, and least-privilege access controls are critical aspects of information security. Multi-Factor Authentication (MFA) is a pivotal tool in achieving Zero Trust Security. MFA requires users to submit two or more forms of authentication that fall under these four categories: Knowledge (PIN), Inherence (biometrics like fingerprint, voice, etc.), Device possession (USB key, token, etc.) and Location (via GPS tracking). With these safeguards in place, internal and external security penetration tests by third parties will ensure robustness of the infrastructure, platforms and solutions.
David Slazyk, Chief Information Officer, Nextech
LinkedIn: David Slazyk
The American Hospital Association states this year is on track to be one of the worst years for healthcare cyber breaches, citing nearly 400 data-theft crimes and ransomware attacks in 2024. Healthcare leaders are responsible for vast amounts of sensitive patient data, which is why strong security measures beyond basic HIPAA compliance must be a top priority.
Widespread artificial intelligence has the potential to help IT teams proactively monitor and stop attacks. However, cybercriminals use this technology to better disguise threats and infiltrate systems. Often, organizations rely on staff, or the “human firewall”, to identify and prevent attacks. Security measures must evolve in tandem with AI, which requires constant IT agility.
As we look to 2025, risk mitigation remains the best defense against cybercrime. Especially in small, specialty healthcare practices, leaders must stay vigilant and implement security frameworks such as Zero Trust and multi-factor authentication to safeguard valuable patient data.
Scott Stuewe, President and CEO, DirectTrust
LinkedIn: Scott Stuewe
In 2025, it’s easy to predict that the contagion of cyber incidents that spiked in 2023 will continue. However, there’s hope that the healthcare sector will grow more resilient. Organizations who can afford it will likely continue allocating larger budgets for cybersecurity tools and independent assessments of broadly recognized security practices, following the trend set in 2024.
We can hope that the bipartisan consensus on the importance of addressing cyber resilience in healthcare will continue therefore ensuring that existing public-private partnerships are strengthened, rather than replaced by some new knee-jerk task force as is often tied to new administrations. The Health Sector Coordinating Council (HSCC) has already demonstrated the power of collaboration, bringing together hundreds of stakeholders and federal agencies voluntarily to create assets that can be used by anyone operating an organization in the sector. This includes recommendations and strategies to address the sector holistically, which needs ongoing support. If this work continues its focus, I expect that incident response can improve.
Artificial intelligence is a powerful tool giving organizations a way of extending the security workforce, and this will be a significant trend in 2025. However, threat actors are leveraging AI to make their jobs easier as well. While it is too much to hope that improvements in any of these areas at the current course and speed will substantially reduce the number of incidents, they may reduce identification and recovery times and encourage behavior that improves resilience.
Greg Surla, SVP, Chief Information Security Officer, FinThrive
LinkedIn: Greg S.
In 2025, AI-driven security programs will reshape how healthcare organizations defend against evolving threats. These systems detect anomalies and neutralize threats in real time, cutting response times and minimizing damage. By analyzing vast data and uncovering patterns, AI takes a proactive role in cybersecurity—fortifying defenses, ensuring operations remain stable, and protecting patient safety. As cyberattacks grow more frequent and complex, adopting AI-first solutions will be essential to preserve trust and resilience in healthcare.
Saeed Valian, Chief Information Security Officer, symplr
LinkedIn: Saeed Valian
Artificial intelligence (AI) will remain a double-edged sword for healthcare cybersecurity. While AI’s game-changing power drives operational efficiencies and detects threats at an unprecedented scale, cybercriminals are also using AI to exploit system vulnerabilities and execute more sophisticated attacks. And the stakes in healthcare couldn’t be higher, with gaps widening between IT leaders and operational or clinical teams. Our annual Compass survey found that IT leaders are the only stakeholder group that ranks cybersecurity as their top threat. At the same time, shadow IT – unvetted systems and tools outside of formal oversight – continues to proliferate and introduce significant risks. In 2025, AI’s potential and associated success will come down to who uses the technology to stay one step ahead: healthcare organizations or cybercriminals? A unified governance structure for cybersecurity is needed to bring healthcare providers, payers, vendors, and regulators together to establish a clear AI framework that prioritizes security by design and avoids stifling innovation. Ultimately, human-led AI’s role in securing our systems and addressing vulnerabilities will only grow in importance when protecting patient safety and operational integrity.
Thyaga Vasudevan, EVP-Product, Skyhigh Security
LinkedIn: Thyaga Vasudevan
There is no doubt that AI will lead to exponential improvements in the healthcare industry’s ongoing security journey, both as a complement to human intelligence and as a self-optimizing system. However, until we see industry-specific AI regulations for mission critical fields, numerous ethical challenges will remain. For instance, liability for AI-driven decisions, such as health diagnoses, still needs to be clearly defined.
In 2025, ethical frameworks tailored to healthcare must prioritize patient safety and privacy. Overall, truly achieving ethical AI will also require robust, auditable frameworks and decentralized oversight bodies that ensure diverse representation in shaping ethical standards.