Excerpt from Digital Health News Article, Published on November 11, 2025
A recent survey by Ernst & Young (EY) and Klas Research highlights the growing toll of cyber threats on the healthcare industry, revealing significant financial, operational, and clinical repercussions. Over the past two years, more than 70% of healthcare leaders reported moderate to severe financial losses from cybersecurity incidents, while nearly 60% said such breaches disrupted clinical services, delaying treatments and undermining patient confidence.
Drawing insights from 100 senior cybersecurity executives, the report found that healthcare organizations encounter an average of five different types of cyber threats annually. Among these, phishing attacks and breaches involving third – party vendors were the most common and damaging.
Although leadership awareness and support for cybersecurity have improved, the study found that many organizations still lack the resources and sustained focus needed to maintain long – term resilience. Executives cited budget constraints and shifting priorities as ongoing barriers to strengthening security frameworks.
Operational disruptions were reported by 60% of participants, reflecting the wide – reaching impact of cyber incidents on healthcare delivery. Encouragingly, over 80% of respondents agreed that integrating cybersecurity into overall business strategy has proven effective in reducing risk exposure.
However, funding limitations and talent shortages remain pressing issues. Two – thirds of the surveyed leaders said that financial constraints hinder their ability to meet cybersecurity objectives. Additionally, a shortage of skilled professionals has forced many healthcare providers to rely on external contractors or leave key cybersecurity positions vacant.
In response, more than half of the organizations are investing in training and upskilling existing staff to build stronger in – house expertise. Vendor security remains another critical area of focus, with nearly 70% of healthcare leaders planning to strengthen cybersecurity requirements and compliance standards for third – party providers.
To delve deeper into this topic, Visit Digital Health News.
