Leverage cyber threat intelligence to stay ahead of cyberattacks 

Photo: Andrew Brookes/Getty Images

Integrating threat intelligence into a broader cybersecurity strategy is one way hospitals and other healthcare organizations can stay a step ahead of cybercriminals, according to Jon Moore, chief risk officer, SVP of Consulting Services and Client Success, Clearwater.

Moore and Michael Gross, manager Cyber Intelligence, Cleveland Clinic, will discuss how to break down silos and turn intelligence into action during the HIMSS25 session “Mastering Cyber Threat Intelligence to Protect Patient Safety,” on Tuesday, March 4, at HIMSS25 in Las Vegas.

“Attendees should leave with a deeper understanding of how cyber threat intelligence can be a proactive tool for safeguarding patient safety and protecting healthcare organizations from cyberattacks,” Moore said. 

Ransomware is on the rise, with more than 180 ransomware attacks reported in 2024, according to Forbes. As cybercriminals adapt their strategies, hospitals are finding it hard to keep pace.

Leveraging cyber threat intelligence (CTI) gives providers real-time intelligence for insights into attacker tactics. This helps security teams detect and respond to potential incidents before they escalate into full-scale breaches, according to Moore.

Cyber resilience in healthcare requires a multifaceted approach, Moore said, because there’s no single solution that can fully safeguard patient data and critical systems. Organizations must continuously assess their risks, adapt to evolving threats and integrate multiple layers of defense. 

First, he said, conduct continuous risk assessments to prevent being caught off-guard when vulnerabilities go unnoticed. 
 
Secondly, strengthen incident response by threat hunting for indicators of compromise. Monitor unusual activity and have a well-coordinated plan in place to respond swiftly when a threat is detected.
 
Finally, Moore recommends investing in security awareness training as one of the most cost-effective ways to reduce risk. Employees are often the first line of defense, and ensuring they recognize phishing attempts, social engineering tactics and other common attack methods can significantly decrease the likelihood of a successful cyberattack.  

“By combining these strategies–risk assessments, threat intelligence, incident response, and ongoing education–healthcare providers can build resilience, minimize disruptions, and ultimately protect both their systems and the patients who depend on them,” Moore said.
 
Michael Gross, manager Cyber Intelligence, Cleveland Clinic, and Jon Moore, chief risk officer, SVP of Consulting Services and Client Success, Clearwater, will speak on Tuesday, March 4, from 10:15-11:15 a.m. at “Mastering Cyber Threat Intelligence to Protect Patient Safety” at Caesars Alliance 315, at HIMSS25 in Las Vegas.

Moore is also speaking at the “Navigating the Evolving Cyber Regulatory Environment” session alongside Clearwater’s CEO Steve Cagle on Wednesday, March 5, at 1 p.m. in the Cybersecurity Command Center, Booth C1000-20. 

Email the writer: SMorse@himss.org