 
In the healthcare sector, every second counts, but not all systems can keep pace with technological and regulatory innovation. Behind the growing push toward digitalization — digital reports, online health records, and connected devices — there are infrastructures that still bear the marks of the past. Devices certified years ago, software that cannot be updated, networks that connect new services to technologies already out of support.
It is the paradox of modern healthcare: innovating without being able to update.
A contradiction that does not arise from negligence, but from a regulatory and operational model that imposes stability where adaptability would instead be needed.
According to the IBM Cost of a Data Breach Report, the healthcare sector has the highest average cost per data breach, exceeding 10 million dollars per incident.
And yet, precisely where protection should be strongest, the attack surface remains wide and difficult to control.
Every medical device must be certified to ensure patient safety.
It is a fundamental principle that regulates the entire sector and ensures that every technology used in hospitals is clinically reliable.
However, this same principle, applied to a digital environment in constant transformation, produces an unintended side effect: once a device is certified, any change to its software counts as a change to the certified configuration, and manufacturers and operators routinely assume that even a security patch requires the device to be re-validated. Regulators have partly addressed this (the FDA's postmarket cybersecurity guidance states that routine security patches generally do not need new premarket review), but the patch must still be produced and validated by the manufacturer, which is often slow to do so or no longer supports the product. Re-validation is a complex, lengthy, and costly operation which, in most cases, leads organizations to postpone or forgo updates. As a result, devices that are still fully functional from a clinical standpoint remain for years without security patches. The average lifespan of a medical system — often more than ten years — thus becomes an open window to risk.
What is compliant today may become tomorrow’s weak link within the healthcare infrastructure.
In this way, certifications — originally created to ensure safety — end up slowing the evolution of systems.
Healthcare operates on two diverging timelines.
The first, the clinical-regulatory one, moves on long horizons: stability, testing, validation, certification cycles that can span over a decade. The second, the cyber-technological one, evolves at an exponential pace, introducing new threats, languages, and vulnerabilities every month. Within this asynchrony, a systemic fragility often arises.
A device compliant with medical regulations can remain exposed to exploits that have been public for years, simply because it cannot be updated. Thus, in many hospitals, modern telemedicine systems coexist with equipment still running Windows Embedded Standard 7, long out of vendor support, or obsolete Linux versions.
Two timelines that do not intersect: the first defends patient safety, the second protects data security.
But today, both must move in the same direction.
Even when IT departments try to innovate, they must ensure that new architectures remain compatible with devices still in use. It is a complex balance, where each update risks compromising clinical functionality.
Healthcare infrastructures have therefore become mosaics of heterogeneous systems: modern servers communicating with machines certified ten years ago, cloud applications interfacing with proprietary software that has never been updated.
In the effort to maintain operational continuity, a compromise is accepted — one that exposes the entire network.
In this scenario, even “dated” attacks can prove effective.
Known vulnerabilities remain open, and modernization becomes a partial process, constrained by the need not to interrupt service delivery.
The solution cannot be to choose between compliance and security.
Both must coexist, finding a meeting point between regulatory rigidity and technical adaptability.
In recent years, many healthcare organizations have been experimenting with hybrid approaches that mitigate risk without touching the certified device itself.
Through virtual patching, security teams block exploitation of a known vulnerability at the network level, typically with an inline IPS or application-layer gateway that drops the malicious traffic before it reaches the device, compensating for the absence of a native update. The caveat a practitioner will want: the protection is only as good as the signature for that specific flaw, and it covers only network-reachable exploitation, not attacks through local access, USB media, or a service the device exposes on another port.
With micro-segmentation, obsolete devices are isolated in controlled network zones that permit only the flows they clinically need (for example, DICOM between an imaging modality and the PACS), reducing the possibility of lateral propagation in the event of compromise; the prerequisite is an accurate map of those flows, since a rule that blocks a needed one interrupts care. To this are added the growing adoption of lifecycle cybersecurity guidance and standards for medical devices (the FDA premarket cybersecurity guidance, the IMDRF principles and practices, IEC 81001-5-1), which assess cyber risk across the entire device lifecycle, and the introduction of the SBOM (Software Bill of Materials), now required by the FDA in premarket submissions for "cyber devices", which makes software components and their dependencies traceable, so that a newly published vulnerability in a library can be matched to the devices that embed it.
These practices do not eliminate risk but make it manageable.
They create an operational balance between what cannot be changed and what can — and must — be monitored.
To govern such a complex network, visibility must be continuous.
This is the necessary condition for moving from a static approach to risk to a dynamic model capable of evolving alongside its context.
The concept of the Digital Twin, applied to healthcare infrastructure, represents a natural evolution in this direction:
a digital model that faithfully replicates the real network — IT, OT, and IoMT (Internet of Medical Things) — analyzing its flows, dependencies, and vulnerabilities continuously.
Through the digital twin, it becomes possible to simulate attack scenarios, understand the propagation of threats, and estimate the operational impact of each vulnerability, without ever touching delicate real systems.
It is a data-driven approach that enables the integration of cyber risk into healthcare governance, transforming it from a reactive element into a decision-making lever.
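As an added example (not code from the original article or from ai.esra), here is a toy version of the propagation analysis described above, applied to the compensating controls from the previous section: a constructed inventory of a few hospital assets with their allowed flows, a breadth-first model of lateral movement in which an attacker reaches a host only if a flow to it is permitted and the host carries an exploitable, unpatched flaw, and two compensating controls modelled as predicates, a micro-segmentation policy for the legacy enclave and a virtual patch that blocks a known exploit against one service. All asset names, segments, services, and criticality weights are assumptions for illustration.

```python
"""Toy lateral-movement simulation over a modelled hospital network.

Added example, not code from the article. The inventory and flows below are
constructed for illustration and do not describe any real device or network.
"""
from collections import deque

# Constructed inventory. "exploitable" marks a host with a known, unpatched,
# network-reachable vulnerability; "criticality" is a weight used to estimate
# operational impact if the host is compromised.
ASSETS = {
    "workstation-1": {"segment": "office", "exploitable": True, "criticality": 1},
    "ehr-server": {"segment": "dc", "exploitable": False, "criticality": 5},
    "pacs": {"segment": "dc", "exploitable": True, "criticality": 4},
    # Legacy, certified devices that cannot be patched in place.
    "ct-scanner": {"segment": "legacy", "exploitable": True, "criticality": 5},
    "infusion-pump": {"segment": "legacy", "exploitable": True, "criticality": 5},
    "telemed-gw": {"segment": "dmz", "exploitable": False, "criticality": 3},
}

# Allowed flows (src, dst, service) as the twin observes them today.
FLOWS = [
    ("workstation-1", "ehr-server", "https"),
    ("workstation-1", "pacs", "dicom"),
    ("workstation-1", "ct-scanner", "smb"),
    ("ct-scanner", "pacs", "dicom"),
    ("ct-scanner", "infusion-pump", "smb"),
    ("pacs", "ct-scanner", "dicom"),
    ("telemed-gw", "ehr-server", "https"),
    ("infusion-pump", "ehr-server", "https"),
]


def propagate(start, assets=ASSETS, flows=FLOWS, policy=None, virtual_patches=frozenset()):
    """Hosts an attacker who already controls `start` can compromise.

    A hop over flow (src, dst, service) succeeds only when every condition holds:
    the segmentation policy allows the flow (policy is None when there is none),
    no virtual patch covers (dst, service), and dst has an exploitable flaw.
    """
    compromised = {start}
    queue = deque([start])
    while queue:
        src = queue.popleft()
        for s, d, service in flows:
            if s != src or d in compromised:
                continue
            if policy is not None and not policy(s, d, service):
                continue
            if (d, service) in virtual_patches:
                continue
            if assets[d]["exploitable"]:
                compromised.add(d)
                queue.append(d)
    return compromised


def impact(compromised, assets=ASSETS):
    """Estimated operational impact: sum of the criticality weights."""
    return sum(assets[h]["criticality"] for h in compromised)


def legacy_segmentation(src, dst, service, assets=ASSETS):
    """Micro-segmentation policy for the legacy enclave: a legacy device may only
    send DICOM to the PACS, and only the PACS may initiate DICOM towards it.
    Everything else touching the legacy zone is blocked; other zones are unchanged."""
    if assets[src]["segment"] == "legacy":
        return dst == "pacs" and service == "dicom"
    if assets[dst]["segment"] == "legacy":
        return src == "pacs" and service == "dicom"
    return True


def simulate(start, policy=None, virtual_patches=frozenset()):
    """Run one scenario and return the blast radius and its impact estimate."""
    hosts = propagate(start, policy=policy, virtual_patches=virtual_patches)
    return {"hosts": sorted(hosts), "impact": impact(hosts)}


if __name__ == "__main__":
    scenarios = {
        "no controls": simulate("workstation-1"),
        "segmentation only": simulate("workstation-1", policy=legacy_segmentation),
        # Virtual patch: the inline IPS blocks the known exploit against the PACS DICOM service.
        "segmentation + virtual patch": simulate(
            "workstation-1", policy=legacy_segmentation, virtual_patches={("pacs", "dicom")}
        ),
    }
    for name, result in scenarios.items():
        print(f"{name:30} impact={result['impact']:2}  {result['hosts']}")
```

Running the three scenarios from a compromised office workstation shows what the narrative above claims in numbers: with no controls the attacker reaches the PACS and both legacy devices (impact 15); segmentation alone still loses the CT scanner, because the PACS is itself exploitable and is allowed to speak DICOM into the legacy zone (impact 10); only the combination of segmentation and a virtual patch on the PACS confines the incident to the workstation (impact 1). That residual path through the PACS is exactly the kind of dependency a twin is meant to surface before an incident. A real twin would derive the asset list and flows from observed traffic and the inventory rather than from a hand-written table, and would carry vulnerability and SBOM data per host rather than a single boolean.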
Resilience is no longer only a technological issue but a balance between different logics.
The healthcare of the future will need to reconcile the necessary slowness of certification with the speed of cyber risk, creating control models based on knowledge rather than on compliance.
It means overcoming the idea of periodic control and building a system capable of learning, analyzing, and adapting continuously.
In this context, true security is measured by the ability to read risk in real time and to transform it into operational decision-making.
Only by understanding where assets are, how they communicate, and how risks propagate across the network will it be possible to move from reactive security to predictive resilience.
In this perspective, the future of healthcare security will not be defined by the number of defenses installed, but by the quality of visibility achieved.

The journey toward a truly digital healthcare system also passes through discussion and shared perspectives.
For this reason, ai.esra will take part in the next edition of “Sanità Digitale – Proximity Healthcare, Public-Private Collaboration, the Opportunities of Digital Transformation, and Privacy Protection”, organized by Soiel International.
An opportunity to continue the dialogue on innovation, governance, and cybersecurity in the healthcare sector, and to show how risk knowledge can become the first step toward conscious resilience.
ai.esra SpA – strada del Lionetto 6 Torino, Italy, 10146
Tel +39 011 234 4611
CAP. SOC. € 50.000,00 i.v. – REA TO1339590 CF e PI 13107650015
© 2024 Esra – All Rights Reserved