The 2025 Data Threat Report Healthcare & Life Sciences Edition examines internal vulnerabilities, external threats and their impact on the assets of healthcare, biotech and pharmaceutical institutions. The report covers the impact of Artificial Intelligence on security practices, the challenges of a complex IT environment, data security best practices and the evolving threat landscape among other topics. As always, the Data Threat Report encourages and equips security leaders to build stronger alliances spanning their own organizations and partner ecosystems to achieve broader enterprise goals. This research was based on a segment of 562 healthcare, biotechnology and pharmaceutical industry respondents extracted from a global survey of 3,163 professionals in security and IT management in 20 countries.
Conducted by
69% cited the fast-moving AI ecosystem as their top concern, followed by concerns about model and data integrity (65%) and trustworthiness (60%).
68% of respondents are investing in GenAI-specific security tools, and 18% are using newly allocated budget.
27% have little or no confidence in identifying where their data is stored.
Only 4% of Healthcare & Life Sciences organizations have encrypted 80% or more of their sensitive cloud data.
Healthcare & Life Sciences organizations identified these major quantum computing security threats:
67% are concerned about future encryption compromise.
58% are concerned about key distribution.
59% are concerned about future decryption of today's data, including harvest now, decrypt later.
58% were driven to pursue digital sovereignty by specific customer, regional or global privacy mandates.
46% said that encryption and key management provide sufficient protection to achieve objectives.
1.9 The average number of IaaS providers, remained constant, similar to the overall average.
77 The average quantity of SaaS applications in use grew from 66 last year to 77 this year — a 14% increase in just one year.
32% of organizations use more than 500 APIs; 14% use more than 1,000 (compared to 34% and 22%, respectively, surveywide).
62% of organizations said code vulnerabilities are a major concern for application security, placing it as the top response, compared to 59% surveywide.
54% said Secrets management is a leading DevOps security challenge, versus 55% surveywide.
Only 15% identified secrets management as most effective in protecting data, despite the devastating impact of compromised secrets.