As first reported by Help Net Security, a new report highlights a growing tension within the healthcare industry: while AI is increasingly seen as a powerful tool for improving efficiency and cybersecurity, many organizations remain unprepared for the very threats it can generate.
Only 29% of healthcare executives say they feel ready to handle AI-powered attacks, even though 41% expect them to occur. Similarly, deepfake threats are anticipated by nearly half of respondents, but just 32% believe their organizations are adequately prepared. Despite these gaps, many executives express confidence in their defensive capabilities, with nearly half reporting high competence in using AI to boost cybersecurity.
One of the most glaring vulnerabilities lies in the software supply chain, which remains a blind spot for many healthcare providers. Just 21% of executives are making significant investments in securing it, and more than half report limited visibility into its risks.
However, there are signs of progress: 61% of healthcare organizations are now integrating cybersecurity teams with business units, reflecting a broader understanding that cyber resilience is a shared responsibility. Meanwhile, 59% of leadership roles are being measured against cybersecurity KPIs, and 43% are proactively budgeting for security at the start of new projects.
Looking ahead to 2025, decision-makers are preparing to invest in tools to combat emerging AI-enabled threats, including generative AI attacks and zero trust architecture. Still, the report warns that AI’s rapid proliferation—and its still-limited regulation—leaves ample room for bad actors to exploit.
As organizations rush to integrate AI while shoring up their defenses, the actions taken now will be pivotal in determining whether healthcare can realize AI’s potential without falling victim to its darker side.
