Videos
Emergency Medicine CyberSim Videos
Emergency Downtime Debrief: Assessing Risks and Readiness in Critical Care
This study explores the impact of technological failures on emergency medical care through a simulated downtime exercise...
Show MoreThis study explores the impact of technological failures on emergency medical care through a simulated downtime exercise. Participants, including physicians and nurses, were subjected to a scenario in which multiple critically ill patients required treatment without access to electronic medical records (EMR), communication systems, or automated medication dispensaries. The exercise highlighted the heavy reliance on digital infrastructure for patient safety, clinical decision-making, and workflow coordination. Key findings include the difficulty of reverting to paper-based processes, delays in obtaining critical lab results and imaging, and challenges in interdepartmental communication. The exercise also exposed vulnerabilities in emergency preparedness, emphasizing the need for improved training on downtime procedures and contingency planning for large-scale system failures, such as cybersecurity incidents. Participants expressed confidence in their medical expertise but voiced concerns about the broader hospital system’s ability to sustain patient care during prolonged disruptions. The study underscores the necessity of integrating analog redundancies into modern healthcare environments to mitigate the risks associated with technological dependency.
Watch Full VideoCyberSim and Emergency Medicine: Navigating Patient Care During a Simulated Cybersecurity Failure
This study examines the challenges posed by technological failures in emergency medical care through a simulated cybersecurity incident...
Show MoreThis study examines the challenges posed by technological failures in emergency medical care through a simulated cybersecurity incident (CyberSim) involving a 74-year-old female patient experiencing a critical health event. Participants navigated patient assessment, stabilization, and resuscitation without access to electronic medical records (EMR), automated medication dispensaries, or digital communication systems. The exercise highlighted key vulnerabilities, including delays in diagnostic imaging, difficulty in obtaining laboratory results, and impaired coordination between medical teams due to communication breakdowns. The absence of digital safeguards required reliance on manual processes and clinical judgment, increasing the risk of errors in medication administration and patient management. Participants emphasized the importance of contingency planning, including analog documentation, alternative communication protocols, and enhanced team coordination. The findings underscore the necessity for healthcare institutions to develop robust downtime protocols and cybersecurity resilience strategies to mitigate disruptions in patient care during technological failures.
Watch Full VideoManaging Trauma and Seizures Without Tech: Lessons from a Simulated Downtime Scenario
This study investigates the challenges of managing critical trauma and seizure patients in emergency settings with technological limitations...
Show MoreThis study investigates the challenges of managing critical trauma and seizure patients in emergency settings with technological limitations. Through a simulated downtime scenario, participants managed a middle-aged male with stab wounds and a 32-year-old female with a known seizure disorder, both requiring urgent stabilization and advanced interventions. The exercise highlighted key challenges, including delays in accessing imaging, laboratory results, and neurology consultations due to communication barriers. Participants relied on manual documentation, verbal coordination, and physical transport to compensate for the lack of electronic medical records (EMR) and automated systems. The simulation underscored the importance of analog redundancies, rapid adaptability, and interdepartmental collaboration in ensuring patient safety during system failures. Findings suggest the need for enhanced training in low-tech emergency workflows and improved contingency planning to maintain continuity of care in critical situations.
Watch Full VideoEmergency Trauma Management in a Non-Trauma Center: Challenges in Stabilization and Transfer During System Disruptions
This study examines the challenges of stabilizing and transferring a critically injured patient in a non-trauma center setting...
Show MoreThis study examines the challenges of stabilizing and transferring a critically injured patient in a non-trauma center setting, with a focus on system inefficiencies and resource limitations. The simulated case involved a 60-year-old incarcerated male with multiple stab wounds to the chest and abdomen, presenting with hypotension, difficulty breathing, and signs of internal bleeding. Key issues included difficulties in securing blood products, limited access to surgical teams, and delays in coordinating patient transfer due to communication barriers with external trauma centers. The exercise underscored the importance of rapid fluid resuscitation, early airway management, and the need for clear communication protocols during interfacility transfers. Participants also highlighted the impact of limited access to real-time patient records and system downtimes on clinical decision-making. Findings suggest that non-trauma centers require enhanced emergency preparedness training, streamlined transfer protocols, and improved coordination with regional trauma networks to ensure optimal patient outcomes in high-risk situations.
Watch Full VideoManaging Anaphylaxis Without Technology: Insights from a Simulated Emergency Downtime
This study examines the impact of technological failures on emergency care through a simulated case of a 23-year-old female experiencing an anaphylactic reaction...
Show MoreThis study examines the impact of technological failures on emergency care through a simulated case of a 23-year-old female experiencing an anaphylactic reaction. Participants were required to assess, stabilize, and manage the patient without access to electronic medical records (EMR), computerized order entry, or standard communication systems. Key challenges included difficulties in obtaining medications, documenting care manually, and coordinating with the pharmacy and intensive care unit (ICU) without digital tools. The exercise highlighted the importance of alternative communication methods, such as verbal orders and written documentation, as well as the necessity of maintaining physical backup resources, including downtime forms and manual medication calculations. Despite the absence of electronic support, participants effectively administered epinephrine, steroids, and antihistamines while closely monitoring the patient’s vitals and preparing for potential airway complications. The findings underscore the need for hospitals to establish robust downtime protocols and train staff in low-tech emergency workflows to ensure continuity of care during IT system failures.
Watch Full VideoCHC Research Symposium
Chris Longhurst, MD - AI, Digital Health, and Cybersecurity: Advancing Healthcare Resilience and Patient Safety
Dr. Christopher Longhurst, Executive Director of the Jacobs Center for Health Innovation, examines the evolving role of AI, digital health, and cybersecurity in modern healthcare...
Show MoreDr. Christopher Longhurst, Executive Director of the Jacobs Center for Health Innovation, examines the evolving role of AI, digital health, and cybersecurity in modern healthcare. He highlights UC San Diego’s leadership in AI integration within electronic health records, smart hospital innovations, and remote patient monitoring. Emphasizing cybersecurity as a critical patient safety issue, Dr. Longhurst presents research linking ransomware attacks to regional healthcare disruptions and increased patient mortality. He also explores cross-sector collaborations, including partnerships with industry leaders like Microsoft, to enhance digital healthcare resilience. This session offers a forward-looking analysis of AI-driven healthcare advancements and the pressing need for cybersecurity strategies that prioritize both data protection and patient safety.
Watch Full VideoAaron Schulman - Rapid Response to Ransomware: Deploying Emergency IT Infrastructure in Hospitals
Aaron Schulman presents his insights at the CHC Research Symposium, exploring innovative approaches in healthcare research and emerging trends.
Show MoreIn this presentation, Aaron Schulman discusses the challenges and opportunities in modern healthcare research. His talk covers the integration of digital health strategies and cybersecurity measures to enhance patient outcomes and system resilience.
Watch Full VideoIsabel Straw, BMBS, PhD - Cipher: A Data-Driven Framework for Assessing the Clinical Impact of Cyberattacks on Healthcare Systems
Cyberattacks on healthcare institutions present critical risks to patient safety, yet their clinical consequences remain inadequately understood...
Show MoreCyberattacks on healthcare institutions present critical risks to patient safety, yet their clinical consequences remain inadequately understood. Dr. Isabel Straw, a visiting fellow at the UCSD Center for Healthcare Cybersecurity, is developing Cipher, an analytical platform designed to model and predict the impact of cyberattacks on hospital operations and patient outcomes. Integrating methodologies from emergency medicine, artificial intelligence, and public health, Cipher employs systematic ransomware incident reviews, expert-driven clinical assessments, and machine learning-based forecasting to identify high-risk patient populations and anticipate care disruptions. Early findings indicate that emergency medicine, trauma care, and pathology services are particularly vulnerable during IT outages, leading to increased morbidity and delayed diagnoses. Future iterations of Cipher will incorporate real-time emergency response strategies to help hospitals prioritize mitigation efforts. By translating cybersecurity threats into public health risk models, this research establishes a data-driven foundation for enhancing healthcare system resilience against cyber threats.
Watch Full VideoGeoff Voelker, PhD - Rethinking Phishing Training: Evaluating the Effectiveness of Embedded Cybersecurity Education in Healthcare
Phishing remains a major cybersecurity threat, particularly in healthcare settings where data security is critical...
Show MorePhishing remains a major cybersecurity threat, particularly in healthcare settings where data security is critical. This study evaluated the effectiveness of embedded phishing training through an eight-month randomized controlled trial at UCSD Health, involving approximately 20,000 employees. Participants were divided into five groups—one control and four receiving various training formats, including static and interactive exercises. The study analyzed phishing failure rates to assess how training influenced employees’ ability to detect phishing attempts. Findings reveal that the primary factor affecting phishing susceptibility was the type of phishing lure, rather than training efficacy. While embedded training showed a statistically significant but minimal effect, its impact was outweighed by the effectiveness of the phishing tactic itself. Annual security training also had no measurable influence on reducing risk. Notably, nearly half of the employees exposed to training ignored it, with 90% engaging for less than a minute. These results suggest that traditional phishing training methods may not meaningfully enhance security awareness. Instead, organizations should prioritize alternative strategies, such as multi-factor authentication, behavioral interventions, and real-time security measures. This study underscores the need for evidence-based approaches to cybersecurity training to strengthen organizational resilience against phishing threats.
Watch Full VideoStefan Savage, PhD - Real-Time Detection of Ransomware Attacks in Healthcare: Leveraging Public Signals for Early Warning and Response
Ransomware attacks on healthcare institutions disrupt critical operations and threaten patient care, yet real-time detection remains a challenge...
Show MoreRansomware attacks on healthcare institutions disrupt critical operations and threaten patient care, yet real-time detection remains a challenge due to delayed reporting and limited visibility into affected systems. This work explores methods to infer ransomware incidents by analyzing disruptions in hospital IT infrastructure, leveraging publicly accessible signals such as service availability, healthcare APIs, network activity, and social media indicators. By monitoring deviations in these signals at scale, we develop an empirical approach to identify potential cyberattacks as they unfold. The findings aim to enhance situational awareness, inform response coordination, and provide a longitudinal dataset to support cybersecurity resilience in the healthcare sector.
Watch Full VideoPat Pannuto, PhD - Securing Embedded Medical Devices: Advancing Beyond Functionality to a Platform-Based Security Model
The security of embedded medical devices has historically lagged behind broader computing advancements, evolving from a focus on functionality to robustness and...
Show MoreThe security of embedded medical devices has historically lagged behind broader computing advancements, evolving from a focus on functionality to robustness and, only recently, security. Pat Pannuto explores this trajectory, highlighting the absence of adversarial threat models in early medical devices and the emergence of vulnerabilities as unintended consequences of broader system risks. He underscores the need for trusted computing platforms that extend security beyond individual devices to firmware, cloud integration, and wireless communication. By examining real-world case studies, Pannuto illustrates how weak protections in medical devices have been exploited and advocates for a platform-based security approach akin to smartphone ecosystems and FCC pre-certification models. His analysis suggests that adopting pre-certified secure platforms could enhance medical device security, streamline regulatory approval, and improve resilience in an increasingly interconnected healthcare landscape.
Watch Full VideoNitin Natarajan - Evolving Cyber Threats to Critical Infrastructure: Strengthening Resilience in Healthcare and Beyond
As cyber threats evolve in sophistication, critical infrastructure—particularly healthcare—faces escalating risks from cybercriminal enterprises...
Show MoreAs cyber threats evolve in sophistication, critical infrastructure—particularly healthcare—faces escalating risks from cybercriminal enterprises and state-sponsored actors. This session explores the shifting threat landscape, emphasizing the growing reliance on ransomware-as-a-service and the urgent need for cross-sector collaboration to enhance resilience. Key cybersecurity initiatives, including CISA’s Pre-Ransomware Notification Initiative (PRNI), secure-by-design frameworks, and cybersecurity hygiene programs, are examined in the context of mitigating systemic vulnerabilities. The discussion highlights the increasing interdependence of critical infrastructure sectors and the compounded risks posed by supply chain complexity and emerging AI-driven threats. Special attention is given to adversarial activity from the People’s Republic of China (PRC) and its implications for U.S. infrastructure security. Recognizing healthcare’s resource constraints, the session underscores the necessity of integrating cybersecurity into procurement, policy, and workforce education. With a call to action for increased investment and security awareness, the session provides a forward-looking perspective on the need for continuous adaptation and innovation in safeguarding essential systems.
Watch Full Video