Hospitals face an urgent cybersecurity crisis: the average facility experiences more than 2,300 cyberattacks per week, yet critical security updates take an average of 491 days to deploy. Now, a major medical technology company is using artificial intelligence and large-scale simulations to solve this dangerous gap, potentially transforming how hospitals protect patient data and keep equipment running.

Siemens Healthineers has received a $6.9 million research contract from the Advanced Research Projects Agency for Health (ARPA-H) to develop an AI-driven system called SHIELD, which stands for Secure Healthcare Infrastructure Enhancement and Defense. The project aims to create autonomous cyber-threat solutions that help hospitals determine which vulnerabilities to patch first and when to patch them, without disrupting patient care.

Why Is Hospital Cybersecurity Such a Critical Problem?

The numbers are staggering. Since 2016, cyberattacks have cost the healthcare industry over $77 billion, with more than $15 billion in damages occurring in 2023 alone. When hospitals experience ransomware attacks or detect critical vulnerabilities, they often must shut down major imaging equipment like MRI machines and CT scanners until the systems are secured. This creates a cascade of problems: treatment delays, canceled procedures, diverted ambulances, and staff reverting to paper records.

The root cause is a resource crunch. Currently, 53% of all hospital equipment contains critical vulnerabilities, and 96% of hospitals have at least some equipment with these vulnerabilities. Most hospital IT teams are understaffed and cannot keep up with the volume of security patches available. Clinical staff also resist updates because they fear disruptions to patient workflows. The result is a dangerous stalemate where vulnerabilities remain open to exploitation for months or even years.

How Does SHIELD's AI Approach Work?

SHIELD deploys what researchers call an "exa-scale simulation," which means the system can perform more than one quintillion operations per second to identify optimal security solutions. Rather than treating all vulnerabilities equally, the AI analyzes the specific hospital environment, including patient flows, staff schedules, equipment dependencies, and clinical workflows.

The system runs detailed simulations to determine which systems and vulnerabilities pose the greatest risk to patient care, then recommends the best timing for patches. It also suggests alternative staffing arrangements, equipment substitutions, and patient scheduling changes that would minimize disruption if a device must be taken offline for security updates. This data-driven approach addresses the difficult balance between cybersecurity, patient safety, and hospital operations.

Steps to Strengthen Hospital Cybersecurity With AI-Driven Solutions

• Prioritize Vulnerabilities by Risk: Use AI simulations to identify which vulnerabilities pose the greatest threat to patient care and continuity of operations, rather than treating all vulnerabilities as equally urgent.
• Optimize Patch Timing: Deploy security updates during periods of lower patient volume or when alternative equipment is available, reducing the clinical impact of necessary downtime.
• Involve Clinical Staff Early: Provide hospital teams with data-driven recommendations that show how security updates will affect workflows, helping clinical staff understand the necessity and timing of patches.
• Leverage Real-World Hospital Data: Use detailed medical records and patient interaction data to simulate the actual effects of equipment disruptions, ensuring recommendations reflect real hospital conditions.

Siemens Healthineers is partnering with hospital systems across the country, from state-of-the-art medical centers to under-resourced rural community hospitals. This diverse partnership ensures the research reflects the real constraints and challenges that hospitals of all sizes face.

"We are grateful for the funding provided by ARPA-H to enable our research of this important issue. As AI and automation continue to advance, it is essential to address cybersecurity risks with diligence. By determining effective remediation strategies, we help safeguard patient data and ensure the continuous operation of major imaging equipment," said Dorin Comaniciu, Senior Vice President of Artificial Intelligence and Digital Innovation at Siemens Healthineers.

Dorin Comaniciu, Senior Vice President of Artificial Intelligence and Digital Innovation at Siemens Healthineers

The SHIELD project is part of ARPA-H's broader UPGRADE program, which aims to create new tools to help hospital IT teams better detect and remediate cyber threats. Siemens Healthineers will serve as the principal research institution, with activities based at its AI Factory in Princeton, New Jersey. The research team includes partners Siemens Corporation, Axonius, and Kraetonics.

This Phase I funding represents a significant investment in addressing a healthcare crisis that has grown increasingly severe. As cyberattacks become more sophisticated and frequent, hospitals need smarter ways to defend themselves without sacrificing the patient care that is their primary mission. By combining AI, large-scale simulation, and real-world hospital data, SHIELD offers a promising path forward.

" }