AI and Healthcare Cybersecurity: Q4 To the Point Podcast Highlights

In healthcare settings, secure and reliable access to patient data is as essential as electricity or running water. Without it, care slows, detours or stops altogether.

In recent episodes of our To The Point Cybersecurity podcast, we were joined by two healthcare industry leaders for in-depth conversations that explored how AI adoption, third-party risk and clinical system disruptions are reshaping data security in the industry.

With healthcare attack surfaces constantly expanding—particularly with continued AI adoption—these conversations underscore the importance of focusing on controls, decision points and resilience so healthcare organizations can keep patient data safe and, in turn, provide safe care.

Here's a quick overview of these informative and timely episodes from Q4.

How AI and Third-Party Risk Are Transforming Healthcare Cybersecurity with Ed Gaudet — Ep. 339 and Ep. 340

Ed Gaudet, the CEO and founder of healthcare IT company Censinet, described how the industry went from tech laggard to innovation testbed. Instead of treating risk as a flat checklist, Gaudet explained, data security protections should be prioritized based on business processes and critical patient-care functions.

He also described how AI-enabled clinical workflows, though helpful, significantly expand the attack surface. Integrations such as ambient listening—which captures and transcribes clinician-patient conversations in real time—increase the number of systems, vendors, application programming interfaces (APIs) and cloud environments that handle protected health information, making the importance of effective data security even more critical.

In part two of the conversation, Gaudet addressed why traditional vendor risk assessments fall short: they cannot adequately account for AI systems that evolve through model updates, retraining cycles and configuration changes. As those systems change, so do the ways patient data is accessed and processed, creating dynamic data security exposure in healthcare that requires continuous monitoring rather than periodic audits.

Ultimately, Gaudet underscored how clinical efficiency gains must rest on a strong data security foundation. As AI adoption accelerates and third-party ecosystems grow more complex, safeguarding patient data becomes an enterprise-wide responsibility. Data security can no longer reside solely within IT; it demands board-level attention because of its direct impact on patient safety and operational continuity.

How Cybersecurity Impacts Patient Care in Hospitals with Christian Dameff — Ep. 346 & 347

Dr. Christian Dameff, an emergency physician, clinical informaticist and lifelong hacker who serves as the nation's first Medical Director of Cybersecurity at UC San Diego Health (UCSD), addressed the expanding attack surface as well. Ransomware remains one of the most severe threats to healthcare data security, with attacks often encrypting critical systems that providers rely on every day.

In recent years, healthcare ransomware incidents have accounted for a large majority of record breaches, with hundreds of millions of patient records exposed annually and many health systems reporting operational disruption when systems are locked or taken offline. These attacks not only expose sensitive patient data but can also force hospitals to degrade the quality and speed of care by diverting ambulances, canceling procedures and reverting to paper workflows.

Dr. Dameff shared hard data on ransomware's real-world impact in part two, including research showing an increased likelihood of patient mortality at hospitals actively experiencing an attack. These findings underscore the fact that data security failures can translate directly into patient harm.

He also described innovative cyber recovery efforts designed to strengthen healthcare data security and resilience, including test deployments of rapid IT restoration solutions: a portable hospital IT system that can be transported and stood up within five hours of an attack to restore secure access to essential clinical data. The system has been deployed eight times in real-world exercises, including at a nearby hospital, with the next step focused on operationalizing it at scale as part of broader data security and continuity planning.

Overall, these two conversations underscore the imperative of strong data security in healthcare and its direct connection to patient safety. As hospitals continue to adopt AI technologies and expand third-party ecosystems, the volume of protected health information moving across systems will continue to grow. Safeguarding the confidentiality, integrity and availability of patient data is no longer just a compliance requirement: it is foundational to operational continuity and safe clinical care. In today's hospitals, securing patient data is inseparable from protecting patient lives.

To stay on top of all kinds of cybersecurity trends, tune into new episodes each week. They're published every Tuesday. You can always listen to all the episodes on Forcepoint.com.

Or better yet, subscribe today wherever you get your podcasts:

• Apple Podcasts
• Spotify
• Stitcher
• Google Podcasts