Skip to main content
What can we help you find?
main content, press tab to continue
Article | Managing Risk

Healthcare cyber risks: Strengthen your defences with analytics

By Anthony Wilson and Omar Al-Shahery | August 4, 2025

Budget constraints, outdated technology and the critical nature of healthcare services make it a target for cybercriminals. How can you better protect your healthcare organization from cyber events?
Subscribe
Cyber-Risk-Management-and-Insurance|Risk and Analytics|Risk Management Consulting|Corporate Risk Tools and Technology
N/A

The global healthcare system is under relentless attack. Over the past year, cybercriminals have been breaching hospitals, insurers and healthcare providers with increasingly impactful consequences, crippling finances, disrupting care, and even causing patient harm. In the US, the UnitedHealth attack in early 2024 was the single largest cyber incident in US healthcare history. In 2024, 92% of US healthcare organizations reported at least one cyber-attack, with healthcare data breaches increasing to 64% of those reported, affecting 276 million records. Microsoft research indicates healthcare ransomware attacks in the US have increased by almost 300% since 2018.

It isn’t just the US healthcare industry experiencing increasing impact from cyber-events, with the United Kingdom, European Union and APAC all facing very similar threats.

Why is the healthcare industry experiencing so many cyber incidents?

The reasons behind the rising number and cost of cyberattacks against the healthcare industry are varied and reveal as much about the state of the industry as they do the cybercriminal ecosystem which targets it:

  • Cybercriminal targeting: As better resourced organizations have become more cyber resilient, opportunistic cybercriminals have turned to less well-resourced and defended targets making up in volume what they might lose pursuing more lucrative targets. This has made healthcare organizations more attractive to cybercriminal organizations seeking easier prey.
  • Budget constraints: Healthcare organizations can often face financial limitations due to revenue constraints or narrow profit margins limiting investments in cybersecurity.
  • Expensive, aging and insecure technology not designed to withstand modern threats: Healthcare Internet of Things (IoT) and Operational Technology (OT) devices can contain numerous vulnerabilities including security gaps in their applications, outdated firmware, unsupported legacy hardware, less robust or hardcoded credentials, poor data protection and insecure wireless configurations to name but a few challenges. Research suggests these combine to pose significant risks to patient safety and system integrity.
  • Life-and-death services that cannot have downtime: Numerous cyber incidents on healthcare providers have disrupted patient care – whether making records or scheduling platforms unavailable or taking medical devices offline – cybercriminals can use this leverage to pressure providers into making payments to restore their ability to resume patient care.
  • Data as target and leverage: Cyber criminals also understand the leverage possessing personal health information (PHI) offers during negotiations with healthcare providers over ransoms. Part of this pressure is the regulatory penalties many jurisdictions impose on healthcare organizations for not properly protecting customer and patient data when breaches occur.

How can quantifying cyber risk protect healthcare organizations?

As well as adopting secure-by-design principles for connected technology infrastructure, healthcare organizations need to make better decisions on investments in enhanced cybersecurity controls. Getting the most effective and efficient options means having a holistic understanding of the return on investment (ROI) of your options for risk mitigation and transfer to insurance markets.

You can financially quantify potential losses for various potential cyber scenarios based on industry, size of organization, data holdings, and geography. By using analytics and modeling to evaluate the impact of financial investments in combinations of enhanced security controls and insurance coverage you can create a tailored strategy offering optimized ROI for your organization. Financial modeling cyber risk can also serve as a common language to communicate more effectively across organizational silos between risk managers, CISOs and CFOs, enabling better collective decision-making over investments in risk management.

Better prepare your organization to manage future cyber risks by modelling financial loss before it occurs. Take control of your cyber risk strategy with tailored advice from our specialist cyber consultants.

Contacts

Anthony Wilson
Director, Cyber Risk Consulting
email Email
Omar Al-Shahery
Director - Head of Cyber Risk Consulting
email Email

Disclaimer

WTW hopes you found the general information provided here informative and helpful. The information contained herein is not intended to constitute legal or other professional advice and should not be relied upon in lieu of consultation with your own legal advisors. In the event you would like more information regarding your insurance coverage, please do not hesitate to reach out to us. In North America, WTW offers insurance products through licensed entities, including Willis Towers Watson Northeast, Inc. (in the United States) and Willis Canada Inc. (in Canada).

Related content tags, list of links Article Managing Risk Cyber Risk Management and Insurance Risk and Analytics Risk Management Consulting Corporate Risk Tools and Technology Healthcare Insurance Life Sciences Leisure and Hospitality

Related cyber risk capabilities

Risk and Analytics

Optimize risk management, improve financial performance and gain actionable insights with our integrated risk and insurance analytics and consulting services.
Cyber Risk Consulting

Enhance cyber risk resilience and align cybersecurity strategies with priorities driven by finance, operations, information and technology with tailored cyber risk consulting solutions.
Enterprise Risk Management Consulting

With our expertise and tailored solutions, we improve complex enterprise risk management by identifying, quantifying and mitigating unpredictable, interconnected risks.

Related cyber risk insights

See all insights
Webcast
Risk managers: You can drive more value from data
Article
Elevate your risk and insurance strategy during a softening market using analytics
Webcast
Risk managers: Why and how you can lead the way to cyber resilience
Webcast
AI: What principles and best practices do risk managers need to know now?
Contact us