By Phil Englert
Cybersecurity in healthcare is no longer just an IT issue – it’s a direct patient safety concern. The 2025 Healthcare Cybersecurity Benchmarking Study, published by KLAS Research and Censinet, provides a comprehensive analysis of cybersecurity preparedness across the healthcare sector. Conducted in collaboration with AHA, Health-ISAC, HSCC, and The Scottsdale Institute, the study highlights industry-wide vulnerabilities, evaluates cybersecurity maturity, and offers actionable strategies to strengthen resilience.
For HTM professionals, cybersecurity is critical. Medical devices are increasingly connected, integrated into hospital networks, and reliant on cloud-based services. A cyberattack doesn’t just disrupt IT systems – it can cripple life-saving technologies, delay patient care, and compromise sensitive health data. Understanding the broader cybersecurity landscape helps HTM teams develop strategies to protect, recover, and strengthen medical device security.
One of the study’s most striking findings is that, for the third consecutive year, healthcare organizations are better at responding to cyber threats than preventing them. The Govern and Identify functions within the NIST Cybersecurity Framework 2.0 (CSF 2.0) continue to lag, exposing weaknesses in third-party risk management and asset tracking – two areas critical to medical device security.
The Change Healthcare cyberattack in February 2024 was a wake-up call for the industry. A single breach cascaded across the healthcare ecosystem, affecting providers, payers, and patient safety. Over 100 million patients, nearly one-third of the U.S. population, were impacted. Independent and small healthcare providers, lacking financial reserves, struggled to endure extended payment cycles. The incident caught the attention of government agencies and regulators, highlighting the interdependence of healthcare on backend service providers.
To address these challenges, HTM professionals must take proactive steps to strengthen cybersecurity within medical technologies. Improving asset management is a crucial first step. Maintaining an updated inventory of connected devices, working with manufacturers to obtain security patches and update cycles, and adopting Zero Trust architecture where feasible to restrict access based on identity verification and continuous monitoring.
Beyond internal security measures, third-party risk management is an increasing concern. Healthcare providers should not bear the sole burden of policing vendors, technology and service providers must be held to higher cybersecurity standards, especially those supporting critical healthcare infrastructure. Medical device technologies that rely on cloud services to collect, evaluate, and manage clinical data must meet enforceable security requirements to prevent cascading risks.
Incident response and recovery planning are equally important. HTM teams should conduct cybersecurity exercises with IT teams to simulate medical device failures, develop a response and recovery plan, and map out responsibilities and communication protocols. Manufacturers and third-party vendors should be actively engaged in response planning to ensure rapid service restoration while balancing forensic investigations.
Collaboration across the healthcare sector is essential. Sharing cyber event data through Health-ISAC strengthens collective defenses, allowing organizations to apply detection and protection capabilities that prevent breaches before they occur. Monitoring Indicators of Compromise (IOCs), such as network anomalies, unauthorized access attempts, and unusual outbound traffic, can help identify threats early. However, legacy medical devices often lack built-in security monitoring, making proactive threat intelligence even more critical.
The HSCC warns that cybersecurity threats in healthcare are escalating, but resource-strapped providers lack the workforce, strategic partners, and financial means to implement necessary protections. Interviews with 42 healthcare leaders revealed a troubling reality: providers know what must be done, but they lack the capacity to act. Without immediate support, these vulnerabilities will continue to jeopardize patient safety and healthcare operations.
HTM professionals are on the frontlines of medical device security. By adopting proactive cybersecurity strategies, collaborating with IT teams, and demanding stronger protection from vendors, HTM leaders can help safeguard healthcare technology and ensure uninterrupted patient care. Cybersecurity is no longer optional; it is a fundamental pillar of patient safety.
The study is available online and can be accessed by scanning the QR code.
