Webinar to explore AI use in cybersecurity, health care technology

AI cybersecurity webinar tackles hospital ransomware surge

Sarah Mills | GlobalBeat

The American Hospital Association scheduled a 90-minute webinar for May 14 to train hospital tech staff on deploying artificial intelligence against ransomware attacks that hit 46 U.S. health systems in 2025.

Registration opened Tuesday for the $199 session after federal data showed patient data breaches jumped 37 percent year-over-year, with AI-powered phishing now penetrating 1 in 4 hospital networks within 15 minutes of first contact.

Hospitals lost $11 billion to cyber downtime in 2025, forcing ambulances to divert and surgeries to cancel when electronic health records crashed. The webinar targets IT directors and chief medical officers who must decide whether to let AI algorithms autonomously quarantine infected devices, a step many boards still resist over liability fears.

John Riggi, the AHA’s national cybersecurity adviser, said the program will walk attendees through real attacks where machine-learning tools detected intrusions 18 hours faster than human analysts. “We are past the demo phase,” Riggi told reporters. “These systems either save lives or they don’t get deployed.”

The curriculum covers three live-fire simulations: a phishing email that hijacks an MRI machine, ransomware that encrypts fetal monitors, and a deepfake voice call that tricks a nurse into resetting passwords. Each scenario uses de-identified data from actual 2025 incidents.

May’s session marks the first time the trade group has charged for cybersecurity training after years of free bulletins. AHA chief information officer Teresa Fisher said the fee funds a new 24-hour AI incident-response hotline launching June 1 for member hospitals. “When your lab is offline and chemotherapy protocols vanish, you need answers in minutes not business hours,” Fisher said.

Hospital executives have begged for clearer FDA guidance since March, when Florida’s Port St. Lucie Medical Center paid a $4.2 million ransom to restore ventilator controls. The FDA has approved only 2 AI cyber-defence devices for clinical networks, leaving legal teams guessing whether blocking a med-device IP address counts as unauthorized modification.

Riggi conceded that vendors oversell capabilities. “We will show which products actually reduce dwell time versus those that just light up a fancy dashboard,” he said. Attendees receive a scorecard to rate vendors on five metrics including false-positive rates and time to isolate a compromised insulin pump.

Cyber insurers now demand proof of AI monitoring before writing policies above $10 million. AHA survey data released Monday found 62 percent of hospitals budgeted for AI security tools in 2026, up from 19 percent two years earlier, yet only 11 percent trust algorithms to act without human sign-off.

The College of Healthcare Information Management Executives urged faster adoption. “Every week we see another hospital mailing breach letters to 500,000 patients because legacy tools missed the breach for months,” CHIME president Russ Branzell said in a statement. “AI isn’t magic, but waiting for perfect is costing lives.”

Opposing voices warn of new attack surfaces. MIT cryptographer Dr. Madelyn Wu pointed to research showing adversarial data can trick AI into labeling malware as safe. “If I can manipulate a CT scan so the model ignores the virus hidden in the DICOM header, I own your network,” Wu said at a Senate hearing last month.

The webinar also dives into health-care-specific regulations, including HIPAA auditing requirements when algorithms access protected data. Regulators confirmed that automated incident logs must still be reviewed by a human compliance officer within 72 hours, a bottleneck the AHA wants waived during active intrusions.

Registration closes once 500 seats fill, a cap Fisher said prevents diluting Q&A time. Early signers include Cleveland Clinic, Kaiser Permanente, and 120-bed rural systems across Texas and Nebraska facing identical Russian ransomware kits. “Attackers don’t grade on size,” Fisher noted.

Background

Ransomware gangs first targeted hospitals at scale in 2022, but the pivot to AI-enhanced attacks began in late 2024 when LockBit affiliates started using generative models to craft perfect replicas of internal IT alerts. The change slashed average breach-to-encryption time from 15 days to 4, catching most networks during overnight shifts with skeleton crews.

Congress allocated $800 million in 2025 for hospital cybersecurity grants, yet only 38 percent of applicants qualified because they lacked real-time network visibility tools. Lawmakers from both parties now back legislation requiring Medicare-funded facilities to maintain AI-monitored “canary” devices that trigger instant isolation when tampered.

What’s Next

The FDA promised draft guidance by August on when AI cyber tools need device clearance, a ruling that could open floodgates or stall deployments. Meanwhile, the AHA plans a follow-up advanced workshop in October where hospitals that deployed May’s playbook will share infection counts and recovery times in a closed-door session.