RunSafe Security Releases 2026 Medical Device Cybersecurity Index

May 04, 2026

News

RunSafe Security released its 2026 Medical Device Cybersecurity Index reporting that 80 percent of cyberattacks affecting medical devices disrupt patient care while 24 percent of healthcare organizations report medical devices are affected by incidents.

The survey was completed by 551 healthcare professionals across the United States, the United Kingdom, and Germany.

Core Findings:

• 24 percent of organizations report cyberattacks or exploited vulnerabilities involving medical devices
• 80 percent of incidents caused moderate or significant disruption to patient care
• 84 percent include cybersecurity requirements in procurement processes
• 56 percent rejected devices due to cybersecurity concerns, up from 46% in 2025
• 44 percent report using devices with known, unpatched vulnerabilities
• 28 percent operate devices past end-of-support, contributing significantly to exposure risk
• 57 percent use AI-enabled or AI-assisted medical technologies

“The findings land against a backdrop of large-scale healthcare cyber incidents that have disrupted care delivery and revenue flows, underscoring how quickly attacks on device-adjacent systems can translate into patient harm,” said Joseph M. Saunders, Founder and CEO of RunSafe Security. “Medical device cybersecurity is increasing in importance to healthcare buyers as they see it as a patient safety and regulatory imperative.”

For more information, visit runsafesecurity.com.