Cybersecurity in healthcare is undergoing a critical shift. What was once viewed as a back-office IT concern is now directly tied to patient safety and clinical outcomes. In this episode of Data Security Decoded, host Caleb Tolin sits down with John Fokker, Vice President of Threat Intelligence Strategy at Trellix, to explore new findings that reveal a significant increase in inpatient mortality rates following cyberattacks on hospitals, reframing cybersecurity as a life-or-death issue.

The conversation dives into how attackers infiltrate healthcare environments, often through familiar entry points like email, before moving laterally across interconnected systems. From HVAC units to supply chain logistics, even nonclinical systems can disrupt care delivery when compromised. The discussion highlights how adversaries blend into hospital networks using legitimate tools, making detection increasingly difficult.

We also examine the alarming dwell times seen in healthcare environments and what defenders can do to identify subtle anomalies before they escalate. The episode outlines practical strategies, including stronger email defenses, network segmentation, and proactive threat hunting.

Finally, we confront two uncomfortable truths: apolitical healthcare and humanitarian organizations remain prime targets, and AI introduces both powerful defenses and new risks. The takeaway is clear. Cyber resilience is not optional. It is essential to maintain trust, ensure continuity, and ultimately save lives.

What You’ll Learn

• Why cyberattacks in healthcare directly impact patient mortality
• How nonclinical systems can disrupt critical care delivery
• What long dwell times reveal about attacker behavior
• How threat actors use legitimate tools to evade detection
• The most effective ways to reduce healthcare attack surfaces
• Why email remains the primary entry point for attackers
• How to reframe cybersecurity as a patient safety priority

Episode Highlights

• A Shocking Statistic A 29 percent increase in mortality reframes cyber risk
• From IT to Patient Safety Why CISOs now have a stronger voice at the board level
• The Backdoor Problem Nonclinical systems and third parties as attack vectors
• Living in the Network Understanding long dwell times and stealthy attackers
• Spotting the Signals Key behavioral indicators defenders should watch
• Three Steps to Resilience Email security, segmentation, and attack surface reduction
• Two Inconvenient Truths AI risk and the myth of healthcare immunity
• Final Takeaway Cybersecurity as operational resilience