FBI Urges Hospitals to Elevate Cybersecurity as Patient Safety Priority
FBI Urges Hospitals to Elevate Cybersecurity as Patient Safety Priority
Publish Date: 2026-04-28 06:06:00
Source Domain: www.healthleadersmedia.com
Using an unordered list, summarize the following article with between 4 and 8 key points. The federal agency’s co-deputy director warns that rising cyberattacks are disrupting care delivery and straining operations.
Cybersecurity has become a defining issue for hospital leaders as attacks on the industry continue to climb.Andrew Bailey, co-deputy director of the FBI, urged providers to elevate cyber risk within leadership priorities as threat activity intensifies. His message, shared at the recent AHA Annual Meeting, aligns with new federal data that places healthcare at the center of criminal targeting.An FBI report found that healthcare and public health ranked as the most targeted sector for cyberthreats in 2025. The research documented 460 ransomware attacks and 182 data breaches, for a combined 642 incidents. Financial services had the second-most events with 447.Bailey described a threat environment shaped by organized cybercrime groups that focus on hospitals because of the urgency tied to care delivery. Disruptions tied to ransomware can delay treatment and strain operations during critical moments.”We’re no longer talking about a data crime,” Bailey said. “We’re talking about physical harm to patients.”The growing volume of attacks has forced executives to confront cybersecurity realities. A breach now carries operational consequences that extend into patient care. When systems like electronic health records and medication platforms become unavailable, clinicians face delays that can affect outcomes.
Bailey emphasized coordination between hospitals and federal agencies as a key step in addressing threats. Early reporting of suspicious activity allows law enforcement to track patterns and act against criminal networks before additional organizations are compromised.
How Hospitals Can Respond
For hospital leaders, the inevitably of cyber incidents necessitates that cybersecurity be embedded into enterprise risk strategy.That starts with ensuring board-level oversight and clearer accountability, aligning cyber preparedness with quality and safety initiatives.Resilience against operational disruption requires adequate preparation. Hospitals benefit from clinical continuity plans that include manual workflows, backup systems, and simulation exercises so care teams can maintain services during an outage.Workforce readiness plays a central role in defense. Staff training focused on phishing awareness and credential security can reduce the likelihood of successful attacks that begin with human error.Structured risk management frameworks also offer a foundation for consistent practices. Widely used models such as the NIST Cybersecurity Framework and HHS’ cybersecurity performance goals can guide organizations in assessing risk and prioritizing safeguards.Additionally, executives should be thinking about third-party exposure, which remains a persistent concern as vendors connect into hospital networks. Stronger requirements for partners and continuous monitoring of external access points can reduce vulnerabilities tied to supply chain relationships.As the FBI’s data and messaging makes clear, cybersecurity now sits at the forefront of hospital leadership responsibility. The industry’s position as a top target should draw the attention of leaders who guide both strategy and patient care delivery.
