Last week’s cyberattack involving systems connected to Stryker is a reminder of something many in healthcare are only beginning to fully appreciate: hospitals are no longer simply places of care. They are part of a vast and increasingly complex digital infrastructure.

When adversaries—reportedly including Iranian-linked cyber groups—target healthcare technology companies, they are not merely attacking software. They are probing the resilience of the entire care ecosystem: hospitals, device manufacturers, supply chains, clinical data systems, and the interconnected technologies that support patient care every day.

In previous decades, threats to healthcare came in familiar forms: infection, equipment failure, or system overload. Today, an attack may begin with a phishing email, a compromised password, or a malicious link. The battlefield has expanded into networks, servers, and identity systems that quietly power modern medicine.

In this new era, cybersecurity is not solely the responsibility of the IT department. It belongs to every clinician, administrator, and staff member who touches a login screen.

Admittedly, the safeguards can feel burdensome. Complex passwords. Two-factor authentication. Security prompts. Phishing training modules. Another login request just when you are trying to access a patient chart or review a radiology report before rounds.

Many physicians understandably see these steps as friction in an already demanding day.

But there is a useful analogy in medicine itself.

In the operating room, sterile technique takes time. Surgical timeouts interrupt momentum. Medication double checks require another set of eyes. These processes can feel redundant, even frustrating, especially when the schedule is full and the day is long.

Yet no physician would argue that these safety rituals are unnecessary. They exist because experience has taught us that a single lapse can harm a patient.

Cybersecurity safeguards serve the same purpose.

Most cyber breaches do not begin with sophisticated artificial intelligence or exotic code written by elite hackers. They begin with something much simpler: a compromised password, a phishing email opened during a busy clinic session, or a reused login credential captured somewhere along the digital supply chain.

One moment of distraction can become the entry point into an entire healthcare network.

The Stryker incident illustrates how interconnected our systems have become. A disruption at a medical device company can ripple outward through hospitals, surgical services, logistics networks, and clinical workflows. Even if patient care continues uninterrupted, the event reminds us how dependent modern medicine is on secure digital systems.

Healthcare has become part of the nation’s critical infrastructure.

Electric grids, water systems, financial institutions, transportation networks—and now hospitals—are increasingly recognized as strategic targets in geopolitical cyber conflict. When attackers probe healthcare systems, they are not simply looking for data. They are testing the resilience of institutions that communities depend upon in moments of vulnerability.

For physicians, this reality introduces a new dimension of professional responsibility.

Our oath has always centered on protecting patients from harm. Traditionally that meant preventing infection, ensuring safe procedures, and delivering careful clinical judgment. Today it also means safeguarding the digital environment that supports patient care.

The login screen, in a sense, has become a new front door to medicine.

Each time we pause to verify a password, confirm a two-factor authentication prompt, or question a suspicious email, we are participating in a modern extension of patient safety. The action may seem small, even trivial, but multiplied across thousands of clinicians and millions of daily interactions, these habits create the defensive perimeter around our healthcare system.

Medicine has always adapted to new threats. Antisepsis transformed surgery. Blood banking reshaped trauma care. Sterilization protocols changed operating rooms forever.

Cybersecurity may represent the next evolution of that same principle.

The mission remains unchanged.

Protect the patient.

In today’s world, that responsibility extends not only to the bedside and the operating room—but also to the digital front door of medicine.

Michael M. Karch, MD | Mammoth Orthopedic Institute | Chief Medical Officer, Brava Health