The US healthcare industry has historically lagged behind others in the maturity of security capabilities, with the exception of HIPAA-related updates. But there is a wide range of other mounting risks unique to healthcare that security and risk (S&R) pros in healthcare can’t ignore —greater regulatory pressure, increasing targeted attacks, the frightening uncertainty of IoT security, and global economic pressures. This report outlines the most important security capabilities for security leaders in this sector to implement in the face of these challenges.