Fortified Health Security (Fortified), a Best in KLAS managed security services provider (MSSP) specializing in healthcare cybersecurity, today released the 2025 Horizon Report, a semiannual publication on cybersecurity news, trends, guidance and solutions for healthcare organizations.
Analyzing data from the Office for Civil Rights (OCR), the Horizon Report has served as a free resource for healthcare professionals since 2017. The 2025 edition includes contributions from experts—including internationally recognized cybersecurity expert Paul Connelly—on solutions for some of the acute cybersecurity issues facing healthcare organizations today. These include budget and talent challenges, the growing role of AI in hospitals, the evolution of threat actors and third-party risk management.
“As we enter 2025, the healthcare sector will be confronted with a rise in cyberattacks, strict legislative regulations and the ongoing enhancement of AI, all while navigating financial pressures,” wrote Dan Dodson, chief executive officer at Fortified, in the report. “There are no ‘one-size-fits-all’ answers to confronting these challenges. That is why collaboration is critical to safeguarding cybersecurity risks.”
The report also provides important data breach statistics, building on those published in Fortified’s mid-year report last summer. Key insights from the report include:
-
The total number of patient records exposed in 2024 rose 9%, from 168 million to 183 million
-
Business Associates accounted for a smaller percentage of cyber attacks in 2024 than the year prior, yet these attacks comprised 67% of total exposed patient records
-
Healthcare Clearing Houses saw an increase in cyber attacks of more than 2,000%, indicating growing vulnerability among entities that manage massive volumes of patient data
-
While network servers remained the most common breach location, phishing was reinforced as a go-to tactic for threat actors, with email breaches growing by 18% in 2024
