More than 1 in 5 healthcare organizations report cyberattacks impacting medical devices, as security concerns shift from IT systems to operational technology (OT)
MCLEAN, Va. — June 18, 2025 — 22% of healthcare organizations have experienced cyberattacks that directly impacted medical devices, according to the 2025 Medical Device Cybersecurity Index released today by RunSafe Security, a pioneer of cyberhardening technology for embedded systems across critical infrastructure. Three-quarters of these incidents disrupted patient care, including nearly a quarter (24%) that required patient transfers to other facilities.
RunSafe’s 2025 Medical Device Cybersecurity Index surveyed 605 healthcare executives across the U.S., UK, and Germany. It reveals that healthcare cybersecurity has evolved from primarily an IT concern to a patient safety imperative driving procurement decisions and operational strategies. In fact, the findings demonstrate a sharp pivot in healthcare cybersecurity priorities, with 35% of organizations now identifying Operational Technology (OT) systems like medical devices as their biggest cybersecurity concern, compared to traditional IT systems.
Heightened concerns come as hospitals digitize and interconnect everything from infusion pumps to imaging systems. The FBI’s Cyber Division recently reported that 53% of networked medical devices have at least one known critical vulnerability, while healthcare experienced more cyber threats in 2024 than any other critical infrastructure industry.
The consequences of these attacks extend far beyond data breaches. Among healthcare organizations that experienced medical device cybersecurity incidents, 46% also required manual processes to maintain operations, 44% reported delayed diagnoses or procedures, and 44% had extended patient stays. When systems failed, 43% experienced up to 4 hours of downtime, while 31% faced up to 12 hours without critical systems.
Additional key findings from RunSafe Security’s 2025 Medical Device Cybersecurity Index:
- Procurement transformation: 83% of healthcare organizations now integrate cybersecurity standards directly into their medical device RFPs, with 46% declining purchases due to cybersecurity concerns
- Regulatory influence: 73% report that new FDA cybersecurity guidance and EU cybersecurity regulations are already influencing their procurement decisions
- OT budgets increase but confidence lags: 75% of organizations increased their medical device and OT security budgets over the past 12 months. Yet, only 17% feel extremely confident in their ability to detect and contain attacks on medical devices
- Premium pricing acceptance: 79% of executives say their healthcare organization is willing to pay a premium for devices with advanced runtime protection or built-in exploit prevention, with 41% willing to pay up to 15% more
- Transparency demands: 78% of providers consider Software Bills of Materials (SBOMs) essential or important in procurement decisions
The survey also reveals conscious targeting of critical infrastructure, with malware infections (51%) and network intrusions (44%) serving as primary attack vectors. More than a third of organizations experienced ransomware specifically designed to disrupt device operations, while 26% faced supply chain compromises affecting multiple facilities simultaneously.
“Healthcare organizations are no longer treating medical device cybersecurity as checkbox compliance – these attacks could disrupt patient care today and force providers to make life-or-death decisions when systems fail,” said Joe Saunders, Founder and CEO of RunSafe Security. “Threat prevention has moved from the server room to the operating room, and our research shows it’s fundamentally reshaping how healthcare organizations evaluate, purchase, and deploy medical devices.”
Download the full RunSafe Security 2025 Medical Device Cybersecurity Index here.
About RunSafe Security
RunSafe Security protects embedded software across critical infrastructure, delivering automated vulnerability identification and software hardening from build-time to runtime to defend the software supply chain and critical systems without compromising performance or requiring code rewrites. The RunSafe Security Platform includes the authoritative build-time SBOM generator for embedded systems and C/C++ projects, automated vulnerability identification and risk quantification, patented memory relocation techniques to mitigate memory-based vulnerabilities, and pre-hardened open-source packages and containers for immediate protection.
Headquartered in McLean, Virginia, with an office in Huntsville, Alabama, RunSafe Security’s customers span the aerospace and defense, energy, operational technology, industrial automation, transportation and automotive, medical device, and high-tech manufacturing verticals.
Media Contact:
RunSafe Security
Staci Cretu, SVP & CMO
Staci@RunSafeSecurity.com
https://runsafesecurity.com