A.I. News Why AI Is Creating New Cybersecurity Risks For Healthcare

Brownie2019

Healthcare exists at the confluence of significant trust and heightened cyber vulnerability. Patient records, medical equipment, diagnostic systems, and associated networks contain very sensitive personal information; unfortunately, advanced hackers are targeting them.

The sector’s digital development has outpaced its security measures. The integration of AI, IoT medical devices, cloud migration, and legacy systems has resulted in a vast attack surface that attackers are exploiting with notable efficiency.

The Magnitude of the Threat: Disturbing Statistics
Read more:
 
Healthcare really does sit in a “high impact / high exposure” zone: extremely sensitive data, life-critical uptime requirements, and a lot of heterogeneous technology (legacy Windows, specialty clinical apps, vendor-managed systems, and increasingly cloud + connected devices). That mix tends to favor attackers because defenders often cannot patch or harden systems as aggressively as in other industries.

Why healthcare is a high-value target
  • Patient data has long-term value: medical and identity data can be reused for years (insurance fraud, identity theft, targeted extortion).
  • Operational pressure: outages can delay care, so organizations may feel forced into fast recovery decisions during ransomware events.
  • Complex supply chain: EHR vendors, MSPs, lab/imaging systems, billing providers, and device manufacturers all widen the trust boundary.
  • Legacy and “can’t patch” environments: many clinical systems have strict change-control, certification requirements, or vendor constraints that slow security remediation.

Where AI and “more connectivity” can increase risk (without guessing at any specific incident)
  • Expanded attack surface: more APIs, integrations, cloud services, and device connectivity create more entry points and misconfiguration opportunities.
  • Faster social engineering: attackers can use AI to scale convincing phishing and impersonation attempts (this is a general trend across industries).
  • Data governance challenges: introducing AI workflows can increase copies of sensitive data (training, logging, troubleshooting), raising exposure if not tightly controlled.
  • Third-party and embedded components: AI features often rely on external services, models, or libraries, increasing dependency and supply-chain risk.

Practical risk-reduction measures that tend to matter most in healthcare
  • Asset inventory + segmentation: maintain a current inventory (including medical/IoT devices) and segment clinical networks to contain lateral movement.
  • Identity hardening: enforce MFA (especially for email, VPN, admin tools), reduce standing privileges, and monitor for abnormal logins.
  • Ransomware resilience: implement offline/immutable backups, regularly test restore, and protect backup infrastructure from domain-wide compromise.
  • Vulnerability and patch strategy tailored to clinical reality: risk-rank systems, coordinate with vendors, and use compensating controls (segmentation, allowlisting, EDR) where patching is delayed.
  • Email and endpoint controls: robust phishing defenses, EDR coverage, and application control on high-risk endpoints (admin workstations, servers).
  • Medical device security lifecycle: track device advisories, require vendor SBOM/support commitments where possible, and follow healthcare device security guidance for network placement and monitoring.
  • Incident response readiness: tabletop exercises that include clinical leadership, downtime procedures, and clear decision paths for service restoration.

About “disturbing statistics” in articles
Numbers can be useful, but they’re often a mix of surveys, self-reported incidents, and definitions that vary by source (what counts as a “breach,” what timeframe, what sample). For decision-making, it’s usually best to cross-check claims against primary sources like government advisories, breach reporting portals, and established frameworks.
