As cyber threats continue to shake up healthcare globally, the Health Information Sharing and Analysis Center (Health-ISAC) is ramping up efforts to build resilience in its fifteenth year. Their recently released Annual Report for 2025 highlights extensive global threat intelligence operations, now featuring around-the-clock support from new analysts based in the Asia-Pacific region. Notably, they’ve successfully integrated 90% of public hospitals in Belgium into their system.
In the past year, the Threat Operations Center (TOC) at Health-ISAC issued over 1,300 alerts on high-risk vulnerabilities, establishing itself as a vital intelligence hub for the healthcare sector. They provide actionable intelligence via alerts, bulletins, and daily cyber briefings. Partnerships, like the one with Google Cloud, enhance their ability to monitor global threats and coordinate responses effectively.
A new initiative, the Member Tabletop Exercise program, allows healthcare organizations to run customized simulations. These simulations help identify and close operational gaps before cybercriminals can exploit them.
“2025 shows our growth toward a resilient global healthcare community,” said Denise Anderson, Health-ISAC’s president and CEO. “We’ve expanded in the Asia-Pacific region and tackled cyber threats head-on.”
The Health-ISAC’s ‘Cultivating Resilience’ report underscores its commitment to providing critical updates on the ever-evolving cyber threat landscape. Their quarterly Health Sector Heartbeat reports dive deep into ransomware trends and cybercrime statistics, offering essential context and strategies for vulnerability mitigation.
In January, Health-ISAC alerted stakeholders to a zero-day attack exploiting Ivanti Connect Secure remote access appliances. The following months saw warnings about increased threats to CEOs, especially after the murder of a health executive in December 2024. Alerts in subsequent months highlighted fake ransomware letters and extensive cyber activities tied to nation-state actors like North Korea and China.
Notably, in the first half of 2025, a staggering 8,903 cyber incidents were recorded, marking a 55% increase from 2024. The health sector saw 585 incidents, up 21% from the prior year. Such statistics illustrate the rising challenge for healthcare cybersecurity.
Alongside these initiatives, Health-ISAC tackled medical device cybersecurity through its Medical Device Security Council. This effort brought together hundreds of volunteers from various manufacturers and health delivery organizations to share security challenges and develop solutions.
In February 2025, they released a white paper detailing the evolving responsibilities between manufacturers and healthcare organizations throughout the device lifecycle.
Phil Englert, a vice president at Health-ISAC, emphasized the importance of clear communication roles in addressing vulnerabilities quickly. “Clarifying roles helps reduce risks to patients and ensures regulatory compliance,” he stated.
With increased awareness of the cybersecurity landscape, organizations are encouraged to adopt proactive measures. In an era where threats escalate daily, collaboration and informed responses are essential for ensuring the safety of our healthcare systems.
For more insights, check the Health-ISAC’s report here.
Source link
cyber attacks,cyber resilience,cyber threats,Health-ISAC,Healthcare,healthcare cybersecurity,healthcare delivery,threat intelligence,Threat Operations Center,TOC,vulnerabilities
