Identifying health care cyberattacks before they happen

Andis Robeznieks , Senior News Writer

A cybersecurity intelligence platform custom-designed for the health care sector has been launched just as hospitals, health systems and insurers come under increased attack from cybercriminals.

HEAL Security, a portfolio company of the AMA’s Silicon Valley-based venture studio, Health2047, has received $4.6 million in pre-seed investments, included $2.3 million from Health2047. 

Membership Moves Medicine™

  • Free access to JAMA Network™ and CME
  • Save hundreds on insurance
  • Fight for physicians and patient rights

The company’s flagship product, HEAL Security Desktop, consolidates the latest global health care cybersecurity data and insights into a dashboard so customers can evaluate and take action against potential cyberthreats and risks.

“Health2047’s investment empowers us to provide the health care sector with the requisite arsenal to safeguard patient data and continuity of care,” Charles Aunger, founder and CEO of HEAL Security and managing director of technology at Health2047, said in a news release.

The health care sector “has experienced nearly $7.8 billion in losses due to breaches since 2016,” said Lawrence K. Cohen, PhD, the CEO of Health2047. “The threat is so pervasive that some institutions are having to revert to paper records, setting back health care’s digital evolution and making it harder for physicians to perform their duties.”

Those figures do not account for the latest massive cyberattack that started Feb.21 when Change Healthcare began experiencing a cybersecurity issue and isolated its systems to prevent further impact. Optum, UnitedHealthcare and UnitedHealth Group (UHG) systems were not affected by the issue, according to information provided by UHG. Learn more with the AMA about the Change Healthcare cyber outage and how physicians, practices and health systems can respond.

As part of its mission to make health technology an asset rather than a burden to physicians, the AMA founded Health2047 to form, find and support innovative companies that are streamlining data flow, promoting preventative medicine, and improving workflows in the medical field.

“Cybersecurity data sprawl has historically left hospital leaders navigating a labyrinth to assess and gather a true understanding of their risk of breach,” said Aunger, who has a long track record in the health care industry. “Our platform synthesizes, aggregates and contextualizes this data, offering clarity and actionable strategies.”

HEAL Security uses the observe, orient, decide, act methodology—known as OODA for short—to continuously update its cybersecurity situational threat intelligence that identifies emerging threats and vulnerabilities.

“HEAL Security doesn’t just respond to threats; it anticipates and evolves with them,” a company LinkedIn post explained.

Health care was the most-targeted industry by cybercriminals in the first half of 2023, according to the Cisco Talos Intelligence Group.

“In 45% of engagements, attackers exploited public-facing applications to establish initial access,” the Cisco Talos first-quarter report said.

Health care was not on the Cisco Talos “top targeted” list for the third quarter, but then returned in the fourth quarter, finishing third behind manufacturing and education.

In 2023, 733 large data breaches involving nearly 134.8 million people were reported to the Department of Health and Human Services Office for Civil Rights. That compares with the 55.9 million people affected by such breaches reported in 2022.

“The first step to recovery is admitting you have a problem, and the health care sector must confront its persistent cybersecurity weakness,” Auger wrote in a column for

“The health care industry is uniquely saddled with a lot of highly sensitive information flowing through a combination of hard-to-replace legacy infrastructure and incredibly fast-evolving digital technology that cannot be easily integrated,” the column adds.

Viruses, malware and hackers pose a threat to patients and physician practices. The AMA has resources and tips for physicians and health care staff to protect patient health records and other data from cyberattacks.