Hospitals Declare Cyber Confidence - But 82% Haven't Audited Physical Risks From Deepfakes, Synthetic IDs and AI-Enabled Break-Ins, New Survey Finds
WASHINGTON, D.C. / ACCESS Newswire / May 20, 2025 / As artificial intelligence rapidly transforms the cyber threat landscape in healthcare, new data from Black Book Research reveals a critical and overlooked vulnerability: the physical security of hospitals, clinics, and payer organizations. While 93% of surveyed cybersecurity leaders say their digital defenses are strong, fewer than one in five have any strategic plan to address the rise of AI-enabled physical security threats.
Based on Q2 2025 polling of 1,128 provider and payer cybersecurity decision-makers worldwide, Black Book's findings point to a dangerous disconnect. Healthcare organizations are investing heavily in digital firewalls, endpoint protection, and ransomware defense, yet they remain largely blind to a new class of threats powered by generative AI - threats that can mimic clinician voices, manipulate surveillance footage, bypass building access systems, and compromise smart infrastructure.
"AI is no longer just a digital threat - it is a physical one," said Doug Brown, founder of Black Book Research. "We are now seeing threat actors use generative AI to impersonate clinicians, defeat voice authentication, bypass smart locks, and manipulate surveillance systems. These are no longer hypothetical scenarios. Attackers are walking through the front doors of hospitals using tools that outpace the slow churn of healthcare policy, procurement, and security oversight. Any health system that still separates physical and cyber risk is operating on outdated assumptions."
Respondents described a widening gap between cyber risk awareness and operational readiness. Despite growing headlines about AI-generated phishing, deepfake impersonations, and drone surveillance, the healthcare sector has not meaningfully upgraded its physical security posture in parallel with its digital investments.
Key Findings From the Black Book Q2 2025 Poll:
93% of cybersecurity leaders say their digital protections are adequate, but only 18% report having any strategy to mitigate AI-driven physical threats.
71% of hospital executives acknowledge their facility's physical security systems are unprepared for manipulations such as deepfake badge credentials or sensor spoofing.
67% of payer organizations with physical office sites or hybrid call centers were unaware that AI voice cloning could defeat IVR authentication or front-desk verification processes.
82% of all respondents reported they had not conducted a cyber-physical risk audit in the past 12 months.
Top-Rated Cybersecurity Vendors Tackling AI-Driven Physical and Digital Threats in Healthcare
Black Book Research has verified the respondents' highly praised capabilities of the following cybersecurity vendors, all of which deliver AI-enabled platforms with demonstrated relevance in detecting and mitigating advanced cyber-physical threats in healthcare environments. These vendors are either directly deployed in hospitals, health systems or payer networks, or offer validated healthcare-grade solutions based on machine learning, behavioral analytics, and autonomous threat response.
Armis delivers agentless visibility and AI-based risk monitoring for connected medical devices and operational technologies. Deployed across leading hospitals, its platform detects anomalous behavior in IoMT and OT environments, helping healthcare providers stop threats before they compromise physical infrastructure.
Bishop Fox provides AI-aware red teaming and offensive security services used by health systems to expose vulnerabilities in surveillance, badge access systems, and connected care infrastructure. Their simulation capabilities help healthcare organizations test defenses against AI-enhanced physical intrusions.
Claroty (Medigate) is widely adopted in hospitals to protect IoMT and clinical systems. The platform uses machine learning to detect manipulation of connected devices and smart facility components, including anomalous commands and unauthorized lateral movement.
Cisco Secure integrates healthcare-focused solutions across cloud, identity, and network layers. It supports Zero Trust architectures and includes AI-powered analytics to monitor both digital and physical access behaviors in hybrid clinical environments.
CrowdStrike protects clinical endpoints and connected devices through its Falcon platform, which uses agent-based AI to detect behavioral anomalies, prevent lateral movement, and stop sophisticated threat campaigns across health systems.
Cynerio is purpose-built for securing medical IoT systems. It baselines normal device behavior across hospitals and flags AI-driven manipulation attempts, ransomware infections, and supply chain exploits targeting connected care delivery tools.
Darktrace uses autonomous self-learning AI to detect zero-day threats and novel behavioral anomalies. Deployed in over 8,000 healthcare organizations globally, Darktrace's platform can detect early-stage impersonation, badge cloning, and network manipulation from AI-generated vectors.
IBM Security offers platforms like QRadar SIEM and Guardium, used by large health systems to correlate digital and physical access data. IBM applies AI to unify log analytics, automate threat response, and monitor for adversarial AI activity across healthcare ecosystems.
Okta powers identity and access management for major healthcare providers. Its adaptive AI continuously assesses login behavior, location patterns, and risk scores to prevent credential theft and synthetic access, particularly in EHRs and clinical cloud tools.
Ordr provides deep visibility and automated security policy enforcement for connected medical and building systems. Hospitals use Ordr's AI to isolate and stop unauthorized device activity and prevent cross-system propagation of malicious code or impersonation attempts.
Palo Alto Networks enables comprehensive protection of digital and clinical assets through AI-powered Cortex XDR and Prisma Cloud. It helps health systems enforce segmentation, detect polymorphic malware, and block command-and-control traffic targeting physical operations.
SentinelOne delivers autonomous endpoint protection via its Singularity platform. Deployed in hospital systems and diagnostics labs, it applies machine learning to identify and remediate AI-crafted exploits, polymorphic malware, and threat behaviors in real time.
Vectra AI provides identity and workload monitoring for healthcare systems. Its AI-driven detection platform flags privilege escalation, lateral movement, and behavioral deviation - common tactics in AI-generated attacks that bypass legacy defenses.
These platforms reflect a growing recognition that AI-generated threats cannot be contained by traditional rules-based defenses alone. Hospitals, health systems, and payers are increasingly adopting tools that can recognize synthetic behaviors, detect impersonation, and secure both digital and physical assets from machine-powered threat actors.
What Makes a Tool 'AI Threat-Ready' in Healthcare?
To truly detect AI-generated threats, a cybersecurity solution must detect synthetic behaviors, not just known malware signatures; identify impersonation and deception, including voice, video or identity misuse; monitor IoMT and OT environments, where AI threats now extend beyond IT systems; and simulate or red-team AI threats, allowing health systems to assess vulnerabilities beyond traditional pen testing.
Access the Free '2025 Black Book of Healthcare Cybersecurity' Report
For a comprehensive overview of the healthcare cybersecurity landscape, including profiles and evaluations of 430 cybersecurity software and service vendors, download the free "2025 Black Book of Healthcare Cybersecurity" report. This 210-page resource offers insights into EHR security, ransomware defense, IoMT protection, and AI-powered cyber-physical threat mitigation. Download at https://blackbookmarketresearch.com/the-2025-black-book-of-healthcare-cybersecurity.
Contact Information
Press Office
research@blackbookmarketresearch.com
8008637590
SOURCE: Black Book Research
View the original press release on ACCESS Newswire:
https://www.accessnewswire.com/newsroom/en/healthcare-and-pharmaceutical/ai-powered-intruders-walk-into-hospitals-unchallenged-black-book-warn-1025949
