Skip to main content

When AI Powers the Dark Side of Healthcare Cybersecurity

July 1, 2025
Image: [image credit]
Photo 103483001 / Cybersecurity © Leowolfert | Dreamstime.com

Mark Hait
Mark Hait, Contributing Editor

Healthcare cyber risk has entered a new and perilous phase. The rise of generative artificial intelligence has empowered threat actors to execute attacks at unprecedented speed, scale, and precision. Nearly three-quarters of enterprises, including health systems, have experienced breaches averaging $4.8 million each over the past year, according to a recent analysis by Metomic. Healthcare providers remain primary targets. In 2024, 92 percent of health organizations faced at least one cyberattack, with the most costly incidents reaching $4.7 million in damages, as reported by HealthTech Magazine. This is an urgent watershed moment.

Hospitals and health systems shoulder immense patient-safety and reputational risks. The attack on Change Healthcare last year compromised 190 million records, marking the largest breach of healthcare data in history, according to the American Hospital Association. Although the total number of breached records has declined from its 2024 peak, as tracked by the HIPAA Journal, the nature of cyber threats has evolved: adversarial AI is now fueling phishing campaigns, agentic malware, deepfake credential theft, and malware-as-a-service operations.

In response, the National Institute of Standards and Technology issued its CSF 2.0 framework, which adds a new “Govern” function and expands controls to include risk governance for AI-driven threats. The framework, while still voluntary, has drawn attention from vendors and policy leaders, including commentary from Censinet urging healthcare organizations to realign their strategy with these new benchmarks.

Operational preparedness must now match the speed and complexity of AI-enabled attackers. Healthcare cybersecurity strategy must evolve from static perimeter defenses to intelligent, adaptive systems—driven by machine learning and real-time visibility across endpoints and IoT devices. Executives must integrate AI across threat detection, risk analytics, and incident response, while ensuring CISO ownership, funding discipline, and continuous human oversight.

In the Q&A set to publish next week, George Pappas, CEO of Intraprise Health, explores how AI is reshaping the cyber threat landscape and why healthcare organizations must fully adopt enterprise risk frameworks today. That interview will serve as a strategic guidepost for leaders charged with fortifying defenses while preparing for the next wave of digital attack vectors.