Healthcare Losses are Featured in the Netwrix 2025 Cybersecurity Trends Report
According to Netwrix’s 2025 Cybersecurity Trends Report, hackers are causing healthcare firms to suffer increasing financial losses.
Nearly half (48%) of healthcare firms reported at least one cybersecurity incident in the previous 12 months, according to the 2025 Cybersecurity Trends study. The price was high for many: the percentage of healthcare respondents who reported losses over $200,000 almost doubled from 2024, going from 5% to 19% in this year’s poll. Additionally, reported losses exceeding $500,000 increased, rising from 2% the previous year to 12% this year. In contrast, only 13% of all industries recorded losses over $200,000 in 2025, and only 6% reported losses exceeding $500,000.
Threats that often start with credentials that have been stolen include ransomware, phishing, and user account breach. According to nearly one-third of respondents (31%) there have been instances of compromised user or admin accounts in their workplaces.
AI was also questioned for the first time in the 2025 study. The speed at which adversaries are utilizing AI to enhance phishing and privileged account penetration is demonstrated by the fact that 37% of IT and security experts stated that AI-driven attacks had already compelled them to fortify defenses.
The results indicate that attackers, particularly those utilizing AI, are growing more quickly than many defenders can keep up, despite increased defense investment.
Because attackers are aware that patient records are valuable and that operations cannot afford to be disrupted, the healthcare sector is being struck more severely than other sectors, according to Grady Summers, CEO of Netwrix. Identity must be the first line of defense for patient data because these assaults frequently begin with compromised credentials.
AI is increasing the speed at which attackers are outpacing defenders, according to Jeff Warren, Chief Product Officer of Netwrix. Resilience based on an identity-first strategy that safeguards accounts and the private information they can access is necessary to close it.
