“If there was ever an industry where the potential harm bad actors can do is directly correlated to human impact, it’s healthcare,” Cyber Salus CEO Sher Baig told attendees at Infosecurity Europe on June 4 — a blunt summation of a risk picture several speakers said is growing sharper and faster than many organizations can react to.
Sher Baig at Infosecurity Europe: reactive security is failing
Baig argued that healthcare organizations (HCOs) worldwide face the same mix of legacy infrastructure, hyper-connectivity and human fatigue that together create “a perfect storm of risk.” He warned that reactive approaches — discovering vulnerabilities after exposure, then scrambling to assess and contain — are increasingly unsustainable as artificial intelligence collapses the exploit window. In rare cases, Baig said, breaches can lead to patient fatalities.
Proofpoint numbers: attacks rising in 2025
The empirical backdrop for those warnings was supplied by Proofpoint research cited at the event: some 93% of HCOs suffered at least one cyber-attack in 2025, with an average of 43 attacks per organization, up from 40 in 2024. Those figures anchor the conference rhetoric in measurable trends and underscore Baig’s contention that the sector remains highly targeted, with ransomware a particularly acute concern given its potential impact on clinical services.
Legacy devices and operational constraints: infusion pumps to imaging systems
Baig singled out connected medical equipment — infusion pumps, imaging systems, patient monitors and lab systems — as especially exposed. He noted a commercial reality that distinguishes these devices from consumer electronics: “In healthcare, you don’t purchase medical equipment like an iPhone. These devices are in the field for 15 to 20 years running legacy operating systems.” That long lifespan, combined with sprawling estates and limits on patching or running agents, creates large areas of invisibility and fragile risk postures, speakers said.
AI as accelerator: collapsing exploit windows and supercharged phishing
Speakers painted AI as a force multiplier that both worsens and mitigates risk. Baig said AI helps threat actors find and exploit vulnerabilities in legacy systems faster than before and “is also supercharging phishing.” At the same time, he argued, AI can be applied defensively for continuous monitoring, faster anomaly detection and automated threat prioritization. The central challenge, he suggested, is using AI to reduce alert overload and to direct human attention where clinical risk is highest.
Rob Demain and Chris Newton-Smith: telemetry, fundamentals, and governance
Rob Demain, CEO at e2e-assure, urged a practical sequence: move from reactive to predictive, but acknowledge that “predictive is not a product you switch on, it is something you earn, and you earn it with telemetry.” Demain added that “most healthcare organizations do not have clean complete data to reason over. Estates are sprawling, much of the kit cannot run an agent or be patched, and large parts of the network are invisible. No model predicts what it cannot see. The honest first move is not predictive AI, it is basic coverage of the estate.”
Chris Newton-Smith, CEO at IO, reinforced that AI amplifies existing weaknesses rather than creating wholly new risks. He observed that defensively, AI “has the potential to help healthcare security teams identify anomalies faster, prioritize alerts more effectively and improve incident response.” But he warned that AI “alone cannot compensate for fragmented processes, weak governance or overstretched teams,” and advised leaders to focus on governance, resilience, workforce capability, supplier assurance and risk management as prerequisites to benefiting from AI.
What this means for technologists, healthcare leaders, and patients
- Technologists and security teams: prioritize visibility and telemetry. Baig’s checklist—device-level insight to software version, AI for signal correlation to reduce alert fatigue, and threat prioritization by clinical risk—frames a practical operational shift away from purely reactive playbooks.
- Healthcare leaders and procurement: reckon with long device lifecycles and supplier assurance. Newton-Smith and Demain both stressed that governance, supplier assurance and estate-wide coverage are fundamental steps before expecting predictive AI to deliver.
- Patients and care teams: remain at the center of risk calculations. The speakers repeatedly tied cyber risk to clinical impact, noting that ransomware and other disruptions can directly affect patient care and, in rare instances, be fatal.
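The operational shift sketched in the first bullet (device-level inventory down to software version, correlation to cut alert volume, prioritization by clinical risk) and Demain's point that estate coverage comes before any predictive model can be made concrete. The following Python is an added example, not code from the article or from any speaker's organization: it runs over a constructed four-device inventory and five constructed alert lines, and the end-of-life list, the 1 to 5 clinical-criticality scale, the 24-hour telemetry freshness bound and the scoring weights are all assumptions chosen for illustration.

```python
"""Estate coverage and clinical-risk alert prioritization.

Added example for this article; not code from the article or from any speaker's
organization. The device inventory, alert lines, end-of-life list and all
weights are constructed for illustration.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Optional

# Fixed "now" so the example is deterministic (assumption: the day of the talk).
NOW = datetime(2025, 6, 4, tzinfo=timezone.utc)
TELEMETRY_MAX_AGE = timedelta(hours=24)   # assumed freshness bound for "visible"

# Constructed end-of-life list; a real one would come from vendor support data.
END_OF_LIFE = {("windows_embedded", "2009"), ("windows", "7")}


@dataclass
class Device:
    device_id: str
    kind: str
    os: str
    os_version: str
    clinical_criticality: int            # assumed 1..5 scale, 5 = direct patient-safety impact
    agent_capable: bool
    last_telemetry: Optional[datetime]   # None: never seen by any sensor


def is_covered(d: Device, now: datetime = NOW) -> bool:
    """A device is 'covered' if some sensor has reported it within the freshness bound."""
    return d.last_telemetry is not None and now - d.last_telemetry <= TELEMETRY_MAX_AGE


def coverage_report(devices):
    """Basic coverage of the estate: what fraction is visible and where the blind spots are."""
    covered = sum(1 for d in devices if is_covered(d))
    blind_by_kind = {}
    for d in devices:
        if not is_covered(d):
            blind_by_kind[d.kind] = blind_by_kind.get(d.kind, 0) + 1
    return {"total": len(devices), "covered": covered,
            "coverage_pct": round(100 * covered / len(devices), 1),
            "blind_by_kind": blind_by_kind}


def risk_score(d: Device) -> int:
    """Device exposure weighted by clinical criticality (assumed additive weights)."""
    score = d.clinical_criticality * 10
    if (d.os.lower(), d.os_version.lower()) in END_OF_LIFE:
        score += 20       # legacy OS: patches unavailable
    if not d.agent_capable:
        score += 10       # cannot host an endpoint agent
    if not is_covered(d):
        score += 15       # nothing is currently watching it
    return score


def correlate(alerts):
    """Collapse repeated (device, rule) hits into one record with a count, to cut alert volume."""
    groups = {}
    for a in alerts:
        key = (a["device_id"], a["rule"])
        g = groups.setdefault(key, {**a, "count": 0})
        g["count"] += 1
        g["severity"] = max(g["severity"], a["severity"])
    return list(groups.values())


def prioritize(alerts, devices):
    """Rank correlated alerts by vendor severity plus device clinical risk, not severity alone."""
    index = {d.device_id: d for d in devices}
    ranked = []
    for a in correlate(alerts):
        d = index.get(a["device_id"])
        risk = risk_score(d) if d else 0      # unknown device: no clinical context to add
        ranked.append({**a, "priority": a["severity"] * 10 + risk})
    ranked.sort(key=lambda a: a["priority"], reverse=True)
    return ranked


# Constructed inventory and alert lines (not real devices or events).
DEVICES = [
    Device("pump-01", "infusion_pump", "windows_embedded", "2009", 5, False, None),
    Device("ct-01", "ct_scanner", "windows", "7", 4, False, NOW - timedelta(hours=2)),
    Device("lab-01", "lab_analyzer", "linux", "4.4", 3, False, NOW - timedelta(days=3)),
    Device("ws-01", "workstation", "windows", "11", 1, True, NOW - timedelta(minutes=5)),
]
ALERTS = [
    {"device_id": "ws-01", "rule": "failed_logins", "severity": 8},
    {"device_id": "ws-01", "rule": "failed_logins", "severity": 8},
    {"device_id": "ws-01", "rule": "failed_logins", "severity": 8},
    {"device_id": "ct-01", "rule": "smb_lateral_movement", "severity": 6},
    {"device_id": "pump-01", "rule": "unexpected_outbound", "severity": 4},
]

if __name__ == "__main__":
    print(coverage_report(DEVICES))
    for a in prioritize(ALERTS, DEVICES):
        print(a["priority"], a["device_id"], a["rule"], f"x{a['count']}")
```

The point the numbers make: the workstation alert has the highest vendor severity and fires three times, but once the three hits are collapsed and the device's clinical context is added, the single low-severity alert on the unmonitored legacy infusion pump ranks first. The coverage report also shows that the pump is one of the estate's blind spots, which is the gap Demain says has to be closed before any model can reason about it.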
Baig closed his remarks with a blunt call to action: “That's the game plan we should all be working on now, not once there is a breach.” The message at Infosecurity Europe was concrete rather than theoretical — strengthen basic coverage, prioritize by clinical risk, and use AI to cut through alert noise — while acknowledging that technology alone will not substitute for governance, telemetry and sustained operational investment.
https://www.infosecurity-magazine.com/news/reactive-security-failing/