Geopolitics, AI, and cyberwar: Is healthcare ready for 2025?

Healthcare organizations face unprecedented cybersecurity challenges as artificial intelligence adoption outpaces security safeguards and  geopolitical tensions rise, according to the World Economic Forum’s Global Cybersecurity Outlook 2025 report released on January 13.

The report reveals that while 66% of organizations expect AI to significantly impact cybersecurity this year, only 37% have processes to assess AI tools’ security before deployment. This dangerous gap between technology adoption and security preparation is particularly concerning for healthcare organizations, who are increasingly looking toward AI to solve some of healthcare’s biggest issues, like the slog of administrative tasks contributing to burnout and workforce shortages.

The report is based on the Global Cybersecurity Outlook survey from the World Economic Forum in partnership with Accenture. The survey collected responses from 321 participants across 57 countries between September and October 2024. Researchers conducted 43 in-depth interviews with C-suite executives, industry leaders, and academics. The World Economic Forum also gathered additional insights during the Annual Meeting on Cybersecurity in November 2024, where six poll questions were posed to more than 170 executives.

“Cybersecurity threats are more complex and unpredictable than ever and can directly impact an organization’s financial stability. The disruptive force of AI, coupled with supply chain vulnerabilities and geopolitical tensions, calls for a more proactive and collaborative approach to ensure a strong cyber resilient posture across all industries,,” said Paolo Dal Cin, Global Lead at Accenture Security in a statement. “C-suite leaders must adopt a security-first mindset from the outset to confidently navigate these challenges with cybersecurity as an enabler that keeps our businesses and organizations resilient.”

For healthcare organizations, the stakes couldn’t be higher. Hospitals and healthcare systems have become prime targets for ransomware attacks, with patient data and critical care systems held hostage. The complexity highlighted in the report is exponentially magnified in healthcare settings, where thousands of connected medical devices – from insulin pumps to MRI machines – create vast attack surfaces for cybercriminals.

Supply chain vulnerabilities create critical weak points

The majority (54%) of large organizations reported that supply chain vulnerabilities are their greatest barrier to achieving cyber resilience. In the report, “supply chain” encompasses all third-party vendors, suppliers, and service providers that organizations depend on for their operations. This is particularly troubling for healthcare facilities, where each connected device represents a potential entry point for attackers.

Healthcare systems are especially vulnerable because they typically work with hundreds of third-party vendors who require varying levels of access to sensitive systems and patient information. When medical device manufacturers, software providers, or even maintenance contractors have security weaknesses, they create backdoors into critical hospital infrastructure. A single compromised connection can threaten entire care delivery systems, potentially impacting patient safety during their most vulnerable moments.

Public sector healthcare organizations most at risk

Government-run healthcare systems face disproportionate challenges. The report found 38% of public-sector respondents perceive their resilience as inadequate, compared to just 10% of medium-to-large private-sector organizations. This disparity is especially alarming considering the essential services public health institutions provide.

The staffing crisis compounds these issues. Since 2024, the cyber skills gap has increased by 8%, with two-thirds of organizations lacking essential talent. Public-sector healthcare organizations reported a 33% increase in workforce shortages, with 49% indicating they don’t have the staff needed to meet cybersecurity objectives.

Geopolitical tensions reshape healthcare security priorities

Nearly 60% of organizations report that geopolitical tensions have altered their cybersecurity strategies. One in three CEOs now cite cyber espionage and intellectual property theft as top concerns. For healthcare research institutions developing breakthrough treatments, the threat of information theft poses risks beyond immediate financial loss – it could undermine years of research and compromise competitive advantages in medical innovation.

Foreign-based and state-sponsored cyber gangs targeting the U.S. healthcare system might be looking for intellectual property, or more likely, they are looking to dismantle our critical infrastructure. As we saw last year with the Change Healthcare cyberattack, when an essential third-party billing and payment processor was compromised, the effects rippled throughout the entire healthcare ecosystem. Thousands of providers faced cash flow crises, patients encountered billing errors and care delays, and the total impact exceeded billions of dollars in damages. This single supply chain vulnerability demonstrated how attacking one critical healthcare service provider can create widespread disruption across the entire healthcare delivery system, affecting millions of patients nationwide.

“The reality is that ransomware attacks on hospitals and healthcare systems are a serious threat to international peace and security,” said Anne Neuberger, U.S. Deputy National Security Advisor for Cyber and Emerging Tech, at the U.N. Security Council in November 2024. “They jeopardize lives; they destabilize societies.”

She also cited data from the U.S. intelligence community that found that 51% of global cyberattacks in the first half of 2024 were against the U.S. alone.

Moving from prevention to resilience

The report calls for a fundamental shift from focusing solely on cybersecurity prevention to building comprehensive cyber resilience – the ability to continue core operations despite attacks.

For healthcare organizations, this means redesigning systems with the assumption that breaches will occur. It requires developing capabilities to quickly detect attacks, contain damage, and recover essential services to minimize impact on patient care.

“The 2022 cyberattacks on Costa Rica served as a wake-up call,” said Paula Bogantes Zamora, Minister of Science, Innovation, Technology and Telecommunications of Costa Rica. “Through this journey, we have recognized the need to strengthen our ecosystems by collaborating with our neighbors to enhance resilience.”

The same collaborative approach is essential for healthcare, as studies show that ransomware attacks on one healthcare system can create a “spillover effect” on neighboring health systems. No single organization can solve these challenges alone. Instead, the report suggests healthcare leaders work across their sector to share threat intelligence, establish security standards for connected medical devices, and develop coordinated response protocols.

As healthcare increasingly depends on digital technologies and AI, security can no longer be an afterthought. It must be integrated into every aspect of healthcare delivery – from device procurement to clinical workflows – to ensure patients receive care that’s both cutting-edge and secure.