Press Release

New Resilience Report Gives Healthcare Leaders a Data-Driven Roadmap to Reduce Cyber Risk

Photo of Cision PR Newswire Cision PR Newswire Send an email 7 seconds ago
0 5 minutes read

Claims data reveals what’s actually working — and what isn’t — in healthcare cybersecurity

SAN FRANCISCO, April 7, 2026 /PRNewswire/ — Healthcare is facing its most financially damaging cyber threat environment in recent memory — and many organizations are investing in the wrong places. Today, Resilience released US Healthcare and Cyber Risk: Threats, Trends and Strategies identifying the security practices delivering measurable reductions in actual financial loss across its healthcare portfolio, offering security leaders, risk managers, and the brokers who serve them a clear, evidence-based roadmap grounded in real claims outcomes.

Key findings from Resilience’s healthcare claims data include:

  • Social engineering drives 88% of material losses in Resilience’s healthcare portfolio, making human behavior the industry’s most exploited vulnerability.
  • Average claim severity exceeded $2 million per incident in 2025, with individual extortion demands reaching $4 million.
  • Five specific, implementable security controls are consistently delivering the greatest reductions in financial exposure — and the highest-ROI practices are not necessarily the most expensive.

“Healthcare is one of the most targeted sectors in the country, and the financial stakes have never been higher,” said Vishaal “V8” Hariprasad, CEO of Resilience. “What makes this research meaningful is that it goes beyond cataloguing the threat — it tells us what’s actually working. When we translate cyber risk into financial terms and look at real claims outcomes, the picture becomes much clearer for the leaders who have to make hard decisions about where to invest.”

The research also surfaces a counterintuitive finding for security leaders under budget pressure. “The healthcare organizations building genuine resilience aren’t necessarily the ones with the biggest security budgets,” said Jud Dressler, Head of the Risk Operations Center at Resilience. “They’re the ones that have aligned their investments to the risks that carry the highest financial consequences. Controls like dual authorization for wire transfers or continuous anti-fraud training aren’t expensive — but they’re delivering outsized protection. That’s the insight we want every healthcare security and risk leader to take away from this research.”

Download the full report, US Healthcare and Cyber Risk: Threats, Trends and Strategies

Frequently Asked Questions

What is the current state of cyber risk in healthcare? Healthcare is experiencing severe and accelerating cyber losses. According to Resilience claims data, average claim severity in its healthcare portfolio exceeded $2 million per incident in 2025, up from $800,000 in 2024, with individual extortion demands reaching as high as $4 million in the first half of the year. The broader threat landscape reflects this pressure: in 2024, 275 million healthcare records were breached — more than double the prior year and the largest single-year data exposure in U.S. history, according to the HIPAA Journal’s 2024 Healthcare Data Breach Report — while ransomware attacks on the sector surged 32%, according to Check Point Research.

What is driving the most financial loss in healthcare cyber incidents? According to Resilience’s analysis of its healthcare portfolio, social engineering drove 88% of material losses in the first half of 2025, making human error the industry’s single most consequential vulnerability. Ransomware and wire transfer fraud represent the highest causes of financial impact overall. Threat actors are also increasingly accessing organizations’ own cyber insurance policies to benchmark and set higher ransom demands — a tactic that adds additional leverage in extortion negotiations.

Which ransomware groups are posing the greatest threat to healthcare organizations? Resilience data shows that despite their high profile, well-known ransomware groups including BlackCat and Cl0p had lower-than-expected success rates against healthcare targets. Actual financial losses were more evenly distributed across lesser-known actors including Interlock, Lockbit, and Medusa. This suggests that healthcare organizations may have developed some defenses against the most visible threats while remaining exposed to others — making broad, consistent security practices more important than defenses calibrated to specific named groups.

What security controls deliver the highest ROI for healthcare organizations? Based on Resilience’s analysis of healthcare insurance claims data and financial risk modeling, five controls consistently delivered the greatest measurable reductions in financial exposure:

  • Role-based access controls (RBAC) limit both the likelihood and scope of a breach across sprawling healthcare systems with diverse user types and sensitive patient data.
  • Dual authorization for wire transfers is one of the most effective and lowest-cost defenses available against the social engineering and fraud tactics driving the majority of material losses.
  • Breach and attack simulations on EDR platforms surface blind spots in endpoint detection tools that would otherwise go undetected until an active incident.
  • Multi-factor authentication (MFA) for email consistently ranks among the highest-ROI defenses available, given how frequently email is used as an entry point by threat actors targeting protected health information. It is worth noting, however, that an increasing number of attacks can bypass MFA, as noted in our Annual Cyber Risk Report
  • Continuous anti-fraud training produces measurably lower financial exposure compared to organizations relying on periodic or compliance-driven instruction alone.

Are there any additional controls that deliver outsized results specifically in healthcare? Yes. Resilience data identified two additional practices that delivered particularly strong results in healthcare compared to other industries. Healthcare organizations that maintained immutable backups — with comprehensive coverage of clinical imaging files, databases, and system configurations — achieved significantly stronger risk reduction than peers in other sectors. Organizations that established a data governance committee achieved more than three times the risk reduction compared to organizations in other industries, making it one of the highest-impact structural investments a healthcare organization can make.

Why are healthcare organizations still experiencing significant losses despite substantial security investment? According to Resilience’s analysis, the core issue is that most healthcare organizations manage cyber risk through a compliance lens rather than a financial one. HIPAA established important baseline protections but was not designed for modern cyber threats. Organizations that deploy disconnected security tools without strategic coordination create gaps between systems, and annual assessments often become check-box exercises. Resilience data shows that organizations achieving the best outcomes are those that quantify cyber exposure in financial terms — modeling potential losses based on their specific risk profile rather than relying on subjective ratings or static benchmarks.

About Resilience Resilience helps organizations become cyber resilient to material losses by staying ahead of bad actors. Founded by experts from across the highest tiers of the US military and intelligence communities – and built by prominent leaders and innovators from the cybersecurity, technology, and insurance industries – Resilience is the world’s first cyber risk company that offers risk quantification software, cybersecurity experts, and A+ insurance in integrated solutions purpose-built for large and middle-market organizations.

Resilience is proud to be backed by leading technology investment firms including General Catalyst, Lightspeed Venture Partners, Intact Ventures, Founders Fund, CRV, and Shield Capital. With headquarters in San Francisco, Resilience is globally dispersed, with teams in New York, Chicago, Los Angeles, Baltimore, Toronto, London, Milan, Madrid, Stockholm, Rotterdam and Dublin. Resilience offers insurance coverage through its licensed and appointed insurance agents, and security services through its expert security team. The Resilience Solution is available through all broker partners to clients in the United States, United Kingdom, Canada, and Europe.

For more information, visit www.cyberresilience.com.

Cision View original content to download multimedia:https://www.prnewswire.com/news-releases/new-resilience-report-gives-healthcare-leaders-a-data-driven-roadmap-to-reduce-cyber-risk-302735291.html

SOURCE Resilience

Author

Photo of Cision PR Newswire Cision PR Newswire Send an email 7 seconds ago
0 5 minutes read

Leave a Reply

Related Articles

NCS Analytics Launches NCS Thea, the First-Ever Lending Intelligence Platform Built on Government-Verified Cannabis Data

22 seconds ago

Critically Acclaimed Documentary UNBROKEN Announces Nationwide Watch Party April 13th, 2026, on Netflix

41 seconds ago

KITS Eyecare Reports Preliminary First Quarter 2026 Results

55 seconds ago

ClerkMinutes Announces National Meeting Minutes Day, Marking the Largest Single-Day AI Deployment in Local Government

1 minute ago
Back to top button