HIPAA Journal September 5, 2025
Steve Alder

Healthcare organizations are relatively unlikely to have serious cybersecurity vulnerabilities compared to other industry sectors, as they are generally good at prevention; however, when vulnerabilities are identified, healthcare lags other sectors when it comes to remediation. These are the findings from a recent analysis of penetration testing data and a survey of 500 U.S. security leaders by the Pentest-as-a-service (PTaaS) firm Cobalt. The findings are published in its State of Pentesting in Healthcare 2025 report.

Serious cybersecurity vulnerabilities are relatively rare in healthcare, with the industry ranking 6th out of the 13 industries represented in the data, with only 13.3% vulnerabilities identified through pentesting qualifying as serious. When penetration tests identify serious vulnerabilities, they need to be remediated promptly. As...

Today's Sponsors

Venturous
ZeOmega

Today's Sponsor

Venturous

Continue Reading

 
Topics: Cybersecurity, Survey / Study, Technology, Trends
Related Articles:
OT–IT Cybersecurity: Navigating The New Frontier Of Risk
STAT+: Hospitals and Epic demand better security for patient records
‘Complexity is where cyber risk tends to grow’
Researchers broke every AI defense they tested. Here are 7 questions to ask vendors.
Your Organization Isn’t Cyber Ready... It Just Thinks It Is

Share Article