August 2025 underscored a reality for healthcare cybersecurity leaders: AI is an asset and an attack surface.
This past month, we witnessed some notable AI realities, including early warning signs of “AI fatigue” as enterprises struggle to realize the promised efficiencies. This month’s themes highlight two sides of the same coin: adversaries weaponizing AI to bypass safeguards, and organizations grappling with the limitations of AI deployments.
Key takeaways: the Hybrid Havoc CoPilot bypass, hard lessons from failing AI agent pilots, and forward-looking considerations for September.
Threat Bulletin: CoPilot Protections Bypassed – Hybrid Havoc
On August 8, attackers successfully bypassed Microsoft CoPilot’s embedded protections, including using an AI prompt injection with traditional phishing methods. This marks a clear shift: AI-enabled workflows are now direct targets rather than indirect enablers.
Healthcare Impact:
- Hospitals and providers integrating CoPilot into their EHRs or patient communication systems face an elevated risk of sensitive data exposure, manipulated task automation, and unauthorized privilege escalation.
- AI assistants embedded in clinical or administrative processes represent a new high-value attack surface.
Recommendations:
- Conduct a targeted security review of AI-enabled tools in production use.
- Apply least-privilege principles to CoPilot and similar tools to reduce lateral risk.
- Expand phishing awareness programs to cover AI-generated content and blended attack tactics.
Questions to Ask Your Team:
- Which departments are actively using CoPilot or similar AI assistants?
- What data can these tools access?
- How quickly could we detect and respond to AI-based manipulation attempts?
Industry Insight: Are AI Agents Already Failing?
Reports indicate that autonomous AI agents, once thought to be the ultimate solution for reducing workloads and increasing efficiency, are actually proving to be unreliable, inefficient, and unpredictable for many companies.
Healthcare Impact:
- Overreliance on AI agents in clinical or operational contexts risks wasted investments, safety issues, and loss of trust if systems underperform.
- Premature adoption without guardrails could amplify risk rather than reduce it.
- Healthcare systems should exercise caution before integrating AI agents into clinical decision-making or operational task automation, as relying solely on AI in this industry is risky. Read more about that risk in our Mid-Year 2025 Horizon Report.
- Overpromising AI functionality can lead to wasted investments, patient safety concerns, and erosion of trust.
Recommendations:
- Set realistic expectations for AI’s role in healthcare.
- Prioritize human oversight when deploying any AI-driven tools, especially in patient-facing environments.
- Conduct ongoing ROI and safety evaluations to identify early warning signs and avoid potential blind spots in AI risk management.
Questions to Ask Your Team:
- Are we piloting or planning to adopt AI agents, and where will they be used?
- Who is evaluating their performance, safety, and ethical impact?
- How are we measuring the success and failure of AI deployments?
Looking Ahead: Preparing for Fall Threats
As we move into Q4 planning, healthcare CISOs should prepare for:
- Continued scrutiny of third-party security and vendor transparency
- Likely uptick in ransomware activity as end-of-year budget pressure hits smaller hospitals
Recommendations:
- Track emerging compliance expectations for AI adoption and risk disclosures.
- Revisit third-party risk management strategies, especially for vendors using AI in their platforms.
- Conduct tabletop exercises to rehearse AI or insider-threat-driven breach scenarios.
Closing Thought
August confirmed two takeaways: adversaries are adapting AI to accelerate attacks, and organizations must temper optimism with caution when adopting AI internally. This Fall, the challenge for CISOs is to balance leveraging AI where it adds value and staying vigilant against the risks it could pose to your security.
