Agentic AI for Healthcare Cybersecurity: Autonomous Threat Detection and Ethical Implementation Challenges

Abstract

Healthcare systems that integrate electronic health records (EHRs), clinical systems, and Internet-of-Medical-Things (IoMT) devices, face increasing cyber threats which directly endanger patient safety and disrupt continuity of care. We propose an implementation-focused cyber threat detection model and assess five models: Random Forest (RF), Gradient Boosted Trees (GBT), and Support Vector Machines (SVM) with Radial Basis Function (RBF) kernel, Logistic Regression (LR), as well as a contextual event summary-aware BERT model. [1]–[4]. We construct a single event schema pertaining to telemetry of relevance to healthcare (network/host/identity/context), implement time-forward splits to mitigate temporal leakage, and set decision thresholds for an asymmetric cost of healthcare (large penalty for false negatives). Outside of historical metrics, we propose MEDSEC-AGENT, a governed agentic orchestration layer that converts model scores into safe, auditable SOAR actions aligned with incident-handling guidance [5], zero trust controls [6], and health-sector practices [7]. We provide reproducible pseudocode, configuration patterns, and operational blueprints to accelerate responsible adoption in real hospital environments.

Ähnliche Arbeiten