Ontological Security and Threat Mitigation in Healthcare: A Descriptive Exploration

Abstract

Abstract: The healthcare sector’s growing reliance on interconnected cyber-physical systems, from electronic health
records (EHRs) to networked medical devices, has expanded both operational capabilities and systemic vulnerabilities. The
costs associated with cyber-attacks have become a financial burden for the global healthcare sector, with estimates whose
substance is capable of bankrupting institutions. These costs underscore the urgent need to analyze expanding attack
surfaces at the intersection of cybersecurity and biosecurity [cyberbiosecurity (CBS)/biocybersecurity (BCS)], requiring
systematic identification of targetable assets and corresponding defense protocols. This paper analyzes healthcare’s
evolving threat landscape through the lens of ontological security. The commentary focuses specifically on threats to living
systems and biological data integrity (e.g., genetic, biometric), suggesting how a focus on these unique biological targets
necessitates a shift from purely IT-centric defense to a human-centric risk posture. Addressing this, we draw on the
synthetic definition of ontological security which addresses stability from continuity of experience in one’s life and apply it
to the healthcare space. From here, we build on the notion of perceptions of secure healthcare spaces aiding care
received, we attempt to spotlight potential consequences relating to vulnerabilities in healthcare that could link to lapses
in patient care, including identity fragmentation during biometric theft, temporal collapse from ransomware-induced care
delays, and spatial destabilization via telemedicine breaches. The paper provides a commentary that draws on select
literature, drawing on a combination of techniques and observations that can restore lapses in ontological security. We
address ethical imperatives for protecting biometric and genetic data, as central targets in this expanded threat landscape,
while outlining policy measures to future-proof healthcare systems against AI-driven threats. By centering existential safety
alongside technical safeguards, this work redefines healthcare cybersecurity as a covenant of human security in an
increasingly digitized care ecosystem. The goal of this exploration is to provide global health institutions with
considerations to aid care strategies that simultaneously protect patient safety, provider integrity, and institutional
resilience.