Abstract

The increasing incorporation of technology into the health field is leading to greater precision in healthcare; however, advancements in cybersecurity measures are still required. According to a 2016 report by IBM and the Ponemon Institute, the frequency of data breaches in the healthcare industry has been rising since 2010 [1], and it is now among the sectors most targeted by cyberattacks globally [2]. Due to its immutability, the information accessed through health data breaches is of particular interest to criminals [3]. Blood type, past surgeries and diagnoses, and other personal health information are contained in an individual’s medical file. As these records include private data such as name, date of birth, insurance and health provider information, as well as health and genetic information, it is not possible to restore privacy or to reverse psychosocial harm when private data are compromised.

These sorts of attacks are not only a threat to patients’ identity and finances, but they can also impede hospital operations and place the health and well-being of patients at risk. The United Kingdom’s National Health System hospitals, which suffered from the WannaCry ransomware attacks in May 2017, were forced to delay treatment plans and even to reroute incoming ambulances because they lost access to hospital information systems [4]. Among these operational delays and the financial consequences of data breaches and ransomware attacks, cyberattacks have long-term detrimental effects on the reputation and revenue of hospitals and health facilities.

In response to these global attacks, the M8 Alliance undertook a project that began with a scoping review on cyberattacks against hospitals [5]. The review was a basis for several teleconferences conducted by a multidisciplinary team of experts. A workshop ensued in April 2018 at the bi-annual Geneva Health Forum (GHF). The purpose of these meetings was to exchange perceived threats, to promote interdisciplinary discussion, and to propose practical recommendations for hospitals across the globe. The onsite meeting at the GHF was organized as a World Health Summit Expert Meeting on the cybersecurity of hospitals [6].

Here, we describe the most prominent discussions and recommendations from this working group for other security officers, hospital decision makers, vendors, manufacturers, industry representatives, and academics in the field. We begin with some case examples that serve to illustrate what these attacks look like and how health organizations have responded in the past. We then discuss the need to address cybersecurity through the product lifecycle in a preventative and proactive way as well as an approach to cybersecurity that values quality IT at the foundation with a stable application base and strong IT infrastructure. A risk-based approach is recommended, beginning with the identification of at-risk IT assets, followed by management of tradeoffs between risks and benefits, as well as different types of risks. The training of end-users is emphasized, alongside strategies such as vulnerability management and patch management, the controlled and restrictive granting of administrative privileges, and the development of incident response and business continuity plans. Information sharing between stakeholders is also recommended in order to build resilience. We conclude with a discussion on privacy-conscious data sharing and the unique challenges medical devices pose to security.

Details

Title
Cybersecurity of Hospitals: discussing the challenges and working towards mitigating the risks
Author
Argaw, Salem T; Troncoso-Pastoriza, Juan R; Lacey, Darren; Marie-Valentine, Florin; Calcavecchia, Franck; Anderson, Denise; Burleson, Wayne; Vogel, Jan-Michael; Chana O’Leary; Eshaya-Chauvin, Bruce; Flahault, Antoine
Pages
1-10
Section
Review
Publication year
2020
Publication date
2020
Publisher
BioMed Central
e-ISSN
14726947
Source type
Scholarly Journal
Language of publication
English
ProQuest document ID
2424730386
Copyright
© 2020. This work is licensed under http://creativecommons.org/licenses/by/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.