Cybersecurity is the missing link in America’s healthcare supply chain strategy | Viewpoint

Supply chain disruptions pose an existential threat to healthcare delivery in the United States.

For decades, Americans have experienced the effects of shortages where essential medical supplies are not available due to quality manufacturing issues, geopolitical tensions, natural disasters, or other unforeseen circumstances.

And while there is no single cause of shortages, the most insidious and escalating threat to the viability of the healthcare supply chain is digital: targeted cyberattacks, often by foreign adversaries, that undermine the ability to manufacture, use, quality control, inventory, or distribute essential drugs and devices.

Recent cyber incidents have demonstrated the fragility of our healthcare supply chain. Maritime infrastructure, in particular, is a growing target. Between 2017 and 2020, cyberattacks on maritime operational technology surged by 900%. The Port of Houston was targeted by a nation-state actor in 2021; ports across Europe were hit in 2022; and a 2023 attack on maritime software company DNV impacted over 1,000 ships.

These vulnerabilities directly threaten the flow of medical goods. In May 2024 alone, the U.S. imported over $14 billion in medical equipment In 2023, the US imported $203 billion in pharmaceutical products. East and Gulf Coast ports handle 91% of containerized pharmaceutical imports, and reports cite backlogged ports as a contributor to shortages in just-in-time medical supply chains.

Domestic manufacturers and distribution centers are also under siege. In the past year, cyberattacks forced blood banks and distribution centers serving hundreds of hospitals to operate at reduced capacity. A medical device manufacturer critical to heart surgeries was disrupted in late 2024, and a separate 2025 attack halted production of patient monitoring devices.

When patients’ lives are at stake, the status quo is unacceptable and America cannot afford to let the healthcare supply chain remain an easy target for those seeking to sow chaos or make a quick dollar.

Cyber resilience must be a cornerstone of America’s supply chain strategy. That means embedding cybersecurity into the design of our transportation hubs, manufacturing facilities, and digital infrastructure. As federal grants and public-private partnerships invest in domestic manufacturing, criteria must include cyber hygiene and trusted technology stacks.

Amid shifting supply chains, America risks a future where providers do not have the supplies necessary to care for every patient every time - threatening our national readiness and weakening our ability to withstand pressure from adversaries.

Federal rulemaking has begun to address these vulnerabilities. The Coast Guard and Transportation Security Administration now have extended cyber authorities over ports, shipping, and rail. Congress has also introduced legislation to reduce dependence on foreign-manufactured shipping cranes and other critical technologies. These are important first steps, but resilience must be built in, not bolted on.

To realize the White House’s vision for a Golden Age of American Innovation, American industry must re-secure not only our physical infrastructure but also the hardware and software that underpin it. A resilient supply chain requires redundancies, fail-safes, and the ability to pivot in emergencies. As trillions of dollars of investment restore U.S. industrial capacity and secure access to crucial components, America has an unprecedented opportunity to design more cyber-resilient infrastructure.

America needs to reimagine cybersecurity around resilience – and the Office of the National Cyber Director can coordinate this effort. The Administration’s forthcoming cybersecurity strategy should redesign federal cybersecurity efforts to identify and incentivize trusted tech stacks, making America’s crucial systems dependable and defensible.

Including cyber resilience in future infrastructure grants and “Made in America” industrial investments will provide the capital needed to secure essential supply chains. It will also incentivize the use of American-manufactured, trusted technologies to strengthen both national security and economic competitiveness.

Congress must also play a role. Lawmakers can build on the success of the Cybersecurity and Infrastructure Security Agency’s State and Local Cybersecurity Grant Program by extending similar funding partnerships to critical infrastructure operators – ports, manufacturers, electric grids, and hospitals. Many of these jurisdictions face chronic underinvestment in cybersecurity, leaving core elements of our economy vulnerable.

President Trump wants to bring medical supply chains back to America. To make that vision a reality, we must ensure those drugs and devices reach patients safely and reliably. Investing in domestic supply chains and trusted technology stacks will help guarantee that American patients receive the care they need – today and in the future.

Soumi Saha is senior vice president of government affairs at Premier Inc.; Ben Schwering is chief information officer of Premier Inc.; Jeff Ashkenase is practice lead of supply chain optimization of Premier, and Aden Klein is technology policy analyst of Premier.