A hospital can sound normal on the outside while everything critical is failing behind the scenes. When cyberattacks hit healthcare, the damage is measured in more than stolen data, it shows up as canceled visits, delayed procedures, and care teams forced to improvise while systems are taken offline. That’s the world behind Cyber Survivor, where healthcare cybersecurity becomes a patient safety story.

I’m Dan Dotson, and this season update looks back at the moments that defined season one: the disruption, the resilience, and the people who held the line. You’ll hear what it’s like when patients arrive for appointments only to find a clinic closed, or when a routine timeline turns into hours longer because the digital backbone of a hospital isn’t there. We also reflect on what leaders learn after surviving a ransomware event, from how a whole organization changes to how cybersecurity investment becomes inseparable from delivering safe care.

Then we turn toward what’s next. Season two launches in October alongside Cybersecurity Awareness Month, and we’re going deeper on patient impact, policy, and the topic everyone’s debating: AI in cybersecurity. How are adversaries using AI to move faster and hit harder? How can defenders use it to detect threats, coordinate response, and protect confidentiality and availability without losing sight of care?

Subscribe now, share with a colleague, and leave a review to help more people understand why stronger defenses protect all of us. What question do you want answered first?

A hospital can survive bad press. It might even survive a tough quarter. What it can’t survive is a cyber event that shuts down care. That’s why we sit down with Dr. Dennis Leber, a longtime healthcare cybersecurity leader with a background in law enforcement and military service, to talk about what “cybersecurity is patient safety” really means when systems fail and clinicians still have to treat people.

We unpack how the cyber threat landscape has evolved from on-prem data centers and manual processes to cloud-first environments where identity is the main target. Dr. Leber explains why adversaries are shifting toward directory takeovers and why CISOs have to stay ahead of fast-moving change, including AI-powered attacks and the longer-term pressure of quantum computing. We also get practical about incident readiness: tabletop exercises with executives, thinking in weeks of downtime instead of days, and focusing on detection, response, and remediation so operations can keep moving.

The CISO role comes up again and again, not as “the Department of No,” but as a translator who connects controls to business goals, clinical risk, revenue protection, and resilience. Dr. Leber shares ways to build trust across the organization, make a clear ROI case for investment, and push governance forward with better board-level questions and accountability. Then we go deep on AI in healthcare: shadow AI, HIPAA data leakage, treating AI like a non-human identity, and setting guardrails so teams can use AI as a partner without losing control of data or cost.

If you care about healthcare cybersecurity, hospital operations, patient safety, or responsible AI, this one is for you. Subscribe, share with a colleague, and leave a review with the one question you want CISOs and boards to be asking right now.

A cyber event doesn’t feel “digital” when you’re the one on the gurney. We’re joined by Jack, who shares his story anonymously after being impacted as a patient during a hospital cyber incident while being treated for prostate cancer. He takes us from pre-surgery nerves to the uncomfortable reality of not fully knowing what’s happening once you’re under anesthesia and relying on a care team, technology, and processes you can’t see.

We talk about robotic-assisted surgery and why connected medical devices can raise new questions in the patient’s mind, even when the clinical goal is the safest, most effective approach. Jack describes waking up to an unexpected timeline, hearing bits and pieces about “something” going wrong, and then dealing with a major post-op life change: learning to live with a temporary colostomy bag. It’s an unfiltered reminder that ransomware in healthcare, EHR downtime, and operational disruption can ripple into real patient outcomes, comfort, and trust.

We also dig into what he noticed on the hospital floor when systems went down, including the shift to paper charting and how staff handled conversation around the disruption. Along the way, we wrestle with a tough question for healthcare leaders, administrators, and cybersecurity teams: how transparent should hospitals be with patients during and after a cyberattack, and what does “enough information” look like when care must continue?

If you care about patient safety, healthcare cybersecurity, and the human side of incident response, listen and share this story with someone who needs to hear it. Subscribe to Cyber Survivor, leave a review, and tell us your take: what would you want your hospital to communicate if systems failed?