-optimized.jpg){kind=avatar}
Healthcare has a concerning disconnect between priority and preparedness, according to a report by the cyber firm Bridewell. While data protection and privacy remains the healthcare sector’s leading cyber security concern, 42pc of organisations report low confidence in their ability to effectively protect sensitive confidential data.
As the firm says, healthcare sits on a goldmine of sensitive personal data, and having historically struggled to defend it, the sector has long been an attractive target for threat actors. Hence half (51pc) of organisations cite data protection and privacy as their primary cyber challenge. Managing highly sensitive patient information, including medical histories, diagnostic data and personal identifiers which means the stakes extend far beyond financial loss, with the compromise of this data carrying serious implications for patient safety, trust and continuity of care, the firm adds.
The risks have been compounded by the added layer of complexity that artificial intelligence brings, with more than a third (35pc) of healthcare bodies surveyed citing AI cyber risk as a key concern. Other concerns of the industry include: improving cyber resilience (40pc), with lower concerns regarding trusting cyber tools (26pc) and complying with regulations (28pc).
Protecting dataย
Despite recognising the importance of protecting sensitive patient data, confidence in cyber measures remains low across much of the sector. Nearly four in ten healthcare bodies surveyed (39pc) report low confidence in their data protection capabilities. The firm suggests this is highlighting a persistent gap between cyber priorities and an’ ability to address them.
The growing use of AI in healthcare brings significant new exposure points, particularly where downstream identity and access management is insecure. As AI systems are granted access to large volumes of sensitive patient data, weak governance around who, and what can access that data creates serious risk. Poorly governed pipelines, over-permissioned integrations and ungoverned service accounts can quietly open access to sensitive records in ways that existing controls were never designed to detect or contain. As healthcare become more interconnected and AI adoption accelerates, many bodies remain uncertain whether their controls are sufficient to keep pace with an evolving threat landscape, the firm adds.
IT disruptionย ย
Cyber attacks can result in a variety of operational, financial and reputational consequences, but IT disruption remains the most prevalent impact for healthcare, the survey suggests. Nearly half (48pc) of those surveyed identified IT disruption as a key consequence of cyber incidents. The firm adds that this is highlighting the sector’s growing dependence on digital systems and the significant operational challenges caused by downtime.ย More than a third of bodies surveyed reported experiencing revenue loss (36pc), while operational disruption was cited by 34pc of respondents. A third (33pc) also identified budget increases, data loss and supply chain disruption as key consequences of cyber incidents.
Cloud adoptionย ย
Cloud adoption is creating security challenges for healthcare. While cloud platforms offer greater scalability, flexibility and support for digital transformation initiatives, they can also introduce additional risk if not properly secured. Cloud infrastructure was identified as the primary attack vector by 29pc of healthcare organisations, exceeding the critical national infrastructure (CNI) average of 25pc. This suggests healthcare providers may be particularly exposed to cloud-related risks, including misconfigurations, inadequate access controls and broader governance challenges, as they continue to modernise their technology environments.
Incidents
The findings revealed that healthcare organisations report some of the fastest cyber incident response times across CNI. On average, organisations reported responding to ransomware, supply chain and data theft incidents within five to six hours, outperforming many other sectors. This is partly driven by the sectorโs strict regulatory requirements and the need to maintain patient safety and continuity of care, which place pressure on organisations to act quickly in the event of a cyber incident.
However, despite these comparatively fast response times, a significant gap remains between the speed of response and the speed at which modern threat actors operate. Cybercriminals can move from initial access to data theft within minutes, meaning healthcare organisations must continue to strengthen their detection, containment and recovery capabilities to reduce exposure to cyber threats.
Sam Thornton, Chief Operating Officer, at Bridewell said:ย โHealthcare organisations are navigating an increasingly complex threat landscape while managing some of the most sensitive data of any sector. Our research shows that data protection remains a top priority, but many organisations still lack confidence in their ability to defend against evolving cyber threats. The acceleration of AI adoption is opening doors that many organisations don’t yet know exist, when the identity and access management layer downstream isn’t secure, sensitive patient data can be reached through pathways that sit entirely outside traditional security frameworks. As healthcare continues its digital transformation journey, that governance gap must be closed.โ
Download the report at: https://www.bridewell.com/insights/white-papers/detail/cyber-security-in-healthcare–2026
