The 2025 KLAS Research Healthcare Cybersecurity Benchmarking Study surveyed 69 healthcare and payer organizations and found that while most have strong processes for responding to and recovering from cyber incidents, they lag significantly in proactive areas such as governance, identifying assets, and managing third-party risks. Coverage was particularly low for supply-chain risk management and asset management—both crucial in mitigating vendor-related breaches. Organizations using the NIST Cybersecurity Framework 2.0 as their primary framework were more likely to see lower increases in cyber-insurance premiums. The study also found early adoption of the NIST AI Risk Management Framework and significant gaps in medical device security, highlighting that the biggest cybersecurity challenge

VIEW ON KLASRESEARCH.COM