Purpose

Prevention and detection of cyber threats in health care are known to be suboptimal, yet even less attention has been paid to building resilience and developing incident response and recovery plans for situations when disruptive cyber attacks, such as ransomware or terrorist events, occur. Recognising this, the World Health Organization has called for the development of guidance on clinical incident response planning that addresses how health care organisations should respond to cyber attacks.

Design/methodology/approach

In this narrative review, we present key strategic and policy frameworks as well as recommendations and shared experiences from the literature to help health organisations build cybersecurity preparedness and resilience. On 30th April 2025, we searched without date, language or geographical restrictions in PubMed, Web of Science, Scopus, IEEE Xplore and EBM Reviews. A total of 51 relevant documents were included in the review.

Findings

Careful advance planning, practicing and training in the form of tabletop scenarios or simulations, and implementing the principles of gamification can markedly reduce the disruptive impact of realised threats. Approaches to cybersecurity preparedness and resilience must be proactive and led by dedicated, certified teams, fully supported by top executives and enabled by compliance across staff. Pre-planning for efficient communication is needed not only within the targeted health care organisation but also across the health care sector and between sectors.

Originality/value

An overview of the current best evidence to inform efforts towards strengthening cybersecurity preparedness and resilience in health care organisations.
Fišter et al. (Sun,) studied this question.