Two structural intelligence items this period document a sustained, multi-year escalation in U.S. healthcare breaches, with ransomware and third-party compromise now the dominant attack categories per HHS OCR reporting and the AHA 2025 year-in-review, displacing earlier physical media theft patterns. Common defensive gaps consistently exploited include insufficient network segmentation between clinical and administrative environments, weak identity and access management, delayed patch cycles on medical devices and legacy clinical systems, and underdeveloped third-party risk management programs. Healthcare security teams should prioritize third-party BAA audits, network segmentation validation, ransomware detection rule coverage, and HIPAA breach response plan currency as immediate control assurance actions.