News|Podcasts|July 15, 2026

How AI is ‘changing the game’ in cybersecurity

Author(s)Ron Southwick

Baxter Lee, president of Clearwater, talks about cyberattacks in healthcare, how attackers are using AI, and risks from third parties. He spoke with us in the latest episode of Data Book, a podcast from Chief Healthcare Executive.

It’s the scenario that hospitals and health systems dread: a cyberattack.

Hundreds of hospitals have experienced cyberattacks that have disrupted operations, shut down systems and affected patient care, and those attacks can be very costly. The healthcare industry is the target of more cyberattacks than any other industry, the FBI says.

Baxter Lee, president of the Clearwater cybersecurity firm, says AI is posing new risks to hospitals and the healthcare industry. With AI, ransomware groups are gaining new capabilities to infiltrate systems, he said in a conversation for the new episode of Data Book, a podcast from Chief Healthcare Executive®.

“I think AI is fundamentally changing the game,” Lee says.

“It's lowering the barrier entry and it's increasing the scale of attacks,” he says. “It's allowing your average hacker to be much more sophisticated than in the past. So we're seeing AI used to generate very highly convincing phishing emails, automate reconnaissance, adapt to attacks in real time, so they can navigate more stealthily through your environment.”

Using AI technology, cybercriminals are also able to launch more attacks to break into organizations.

“Instead of a handful of attempts, organizations are facing thousands of highly coordinated attempts,” Lee says. “The sophistication of those attacks, from the average hacker, much less the commercial hackers and/or the nation states, is just going up every day.”

“I think there's a widening of asymmetry between the attackers and defenders in healthcare due to AI. So it's not only becoming more frequent, but they're becoming more impactful. They're becoming smarter and harder to detect as a result of leveraging that technology,” Lee says.

Some of the ways attackers are using AI with greater impact involves phishing emails, which are now more difficult to flag.

Years ago, some phishing emails were easy to spot, due to scores of misspelled words and halting language that would give an attentive reader pause. Now, phishing emails are more polished, and attackers are sending scores of emails.

"It's just a sheer numbers game, right? With AI, you can generate infinitely more simulations and emails that can go out, so that it's a higher likelihood that that one link or that one email will get through that'll cause an exposure. So I think it's a frequency and an effectiveness equation, and I think their AI is making it both more frequent and more effective, and which creates a greater threat to the industry,” Lee says.

Beyond developing more intriguing phishing emails, attackers are using AI tools to find ways to infiltrate health systems.

“I think AI can help identify vulnerabilities and exploit those vulnerabilities more effectively and faster than humans were able to do previously,” Lee says. “And so there's probably a lot of hidden vulnerabilities within software code, within cloud configurations, within network configurations.”

“With AI and their ability to automate the review of those systems, those networks, that code base, it can find those weaknesses and exploit those weaknesses much faster,” he says.

On the upside, Lee also says health systems are also seeing some of the benefits of AI bolstering their ability to defend themselves from attacks.

But he also says attackers are gaining an edge with AI tools, since healthcare organizations face a host of regulations in adopting new digital tools.

“It absolutely has the potential to strengthen our defenses, but there is a growing gap right now,” Lee says of AI.

Check out the latest episode of Data Book for the full conversation, as Lee discusses the risks from vendors and other third parties and the need to focus on resilience in the wake of an attack.

Reminder: You can subscribe to Data Book wherever you get your podcasts.


Latest CME