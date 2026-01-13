New report highlights accelerating cyber incidents, emerging AI governance risks, and the growing importance of human-centered cybersecurity

Fortified Health Security (Fortified), a Best in KLAS managed security services provider (MSSP) specializing exclusively in healthcare cybersecurity, today released its 2026 Horizon Report, a free, bi-annual publication. Drawing on data and analysis from January 2024 through December 2025, including U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) breach data, Fortified’s rolling NIST Cybersecurity Framework (CSF) assessments, and real-world incident response experience, the 2026 report reveals a defining shift in healthcare cybersecurity.

The report highlights how resilience, not just prevention, has become a key challenge for the industry. While mega-breaches have declined, cyber incidents are occurring more often, creating a constant state of disruption that strains teams, processes, and response readiness. The findings show healthcare organizations are being tested by sustained operational pressure, where the ability to detect, respond, and recover consistently is as critical as limiting data exposure.

“Healthcare cybersecurity is no longer about surviving a single catastrophic event,” said Dan L. Dodson, chief executive officer at Fortified Health Security. “It’s about enduring relentless pressure. Breaches are happening more often, with smaller data footprints, and that shift demands a fundamentally different approach, one grounded in people, process, and preparedness, not just technology.”

The report examines breach trends across 2025 and identifies critical insights shaping cybersecurity readiness in healthcare:

Breach frequency surged , with total reported breaches increasing more than 100% compared with 2024. However, the number of patient records exposed declined significantly, signaling progress in limiting breach size.

Email-based breaches more than doubled , driven by phishing, credential misuse, and workforce errors, reinforcing the need for continuous training and identity controls.

Only 6% of healthcare organizations report being very confident in their ability to detect, contain, and recover from a cyber incident, highlighting persistent gaps in incident response readiness and recovery confidence.

Third-party risk management remains a major gap , with just 4% of surveyed leaders expressing strong confidence that vendor risk assessments align with actual risk.

Shadow AI has emerged as a new insider threat, as clinicians and staff increasingly use unsanctioned AI tools outside approved governance frameworks, potentially exposing sensitive data beyond organizational control.

The report also examines how accelerating federal initiatives, including the Rural Health Transformation Program, the Centers for Medicare & Medicaid Services (CMS) Interoperability and Prior Authorization Final Rule, and a potential update to the Health Insurance Portability and Accountability Act (HIPAA) Security Rule, are driving modernization while increasing the need for strong cybersecurity governance to avoid new exposure.

