Cyber resilience in healthcare: Why is this topic not only for IT specialists?

SHIELD, “Securing Health & social care Institutions resilience to cybercrimes through Empowerment Literacy and Digital skills of the workforce and students,” is an international initiative carried out under the Erasmus+ program. It aims to strengthen the resilience of healthcare and social care institutions against cybercrime through education, the development of digital skills, and the promotion of safe habits. 

Seven countries are participating in the project: Czechia, France, Greece, Italy, Malta, Poland, and Portugal. The Polish partner is the Medical University of Warsaw.

What is SHIELD?

SHIELD is not a project that merely describes the problem. It is a partnership planned for 2025–2028, aimed at creating a comprehensive cybersecurity education program for students and professionals in healthcare and social care. The project includes the development of a curriculum, teaching materials, a gamified e-learning platform, a mobile application based on realistic scenarios, and microcredentials certifying specific competencies. 
SHIELD goes beyond simple advice such as “use strong passwords and do not click suspicious links.” The project team first sought to identify what participants genuinely do not know, what they find concerning, what situations they encounter in work and daily life, and which forms of learning actually help them change their behavior. For this reason, the project’s first phase focused on needs analysis covering educational needs, competency gaps, and barriers to cybersecurity learning. Only afterward did the team begin translating these findings into practical teaching tools.

What did the first research stage reveal?

The first stage of the project has already been completed. It included a survey conducted across the seven partner countries, as well as Living Labs sessions, that is, in-depth discussions and workshops with participants. A total of 58 people participated in the survey, and 36 took part in the Living Labs. These included mainly students and professionals connected with healthcare and social care, as well as cybersecurity experts and representatives of the broader social environment. This allowed the report to reflect not only knowledge levels, but also the everyday experiences, concerns, and practical needs of various groups. 

The results are both reassuring and concerning. They are reassuring because 41 out of 58 respondents declared they had previously received cybersecurity training. They are concerning because when asked to assess their own preparedness and understanding of threats, the average score was only 3.36 on a five-point scale. This suggests that while many know the basics, they do not feel confident when responding to real incidents, making decisions under pressure, or assessing the consequences of data breaches. 

The report also shows that the most common threats exploit human haste and inattention: fraudulent emails and text messages, impersonation of trusted institutions, and various online scams. In phishing scenarios, 75.9% of respondents said they could recognize and handle the threat independently. For smishing (fraudulent text messages), this figure was 74.1%. However, when problems became more technical, involving malware, unauthorized system access, account compromise, or data leaks, respondents were far more likely to need assistance. In other words, people are increasingly able to recognize basic digital traps, but many still lack confidence when situations become more serious. 

What do students and professionals need most today?

From a healthcare perspective, respondents identified the greatest risks as loss or theft of patient and personal data, phishing attacks, accidental disclosure of information, and insufficient staff awareness. This shows that cyber threats are not perceived solely as dramatic external attacks. Just as often, they stem from everyday haste, fatigue, unclear procedures, or insufficient organizational support. In medical environments, this is especially significant because even minor mistakes can have not only technical consequences, but also ethical and clinical ones.

Respondents were also very clear about what they want to learn. Top priorities included: good cybersecurity practices, protection of private and professional data, responding to cyberattacks, and recognizing false information. Also ranked highly were the ability to recognize phishing attempts and the protection of sensitive patient data. Importantly, participants’ needs extend beyond content alone. They want learning tools that are interactive, visual, based on concrete cases, short modules, and simulations resembling real situations from everyday work. They value quizzes, decision-making scenarios, and training that can be completed at their own pace, even in segments lasting just several minutes. 

A very valuable conclusion is also that the barrier is not solely lack of knowledge. Respondents frequently mentioned lack of time, overly theoretical training, the rapid pace of technological change, fatigue caused by information overload, and the perception that cybersecurity is too technical and therefore “not for them”. Some participants also emphasized the need for a “no blame” culture, a work environment where incidents or mistakes can be reported without fear of criticism. In healthcare, this is a fundamental issue because security improves when staff report errors quickly and learn from them collectively rather than conceal them. 

What stage is the project at now?

SHIELD has completed its needs-analysis phase and is now entering the next, highly practical stage. The findings from the diagnostic report will serve as the basis for developing the educational curriculum, audience-engagement guidelines, course and game content, and the microcredential system. The project partners will then launch the e-learning platform and mobile application, followed by pilot testing in six locations involving at least 193 students and healthcare and social care professionals. 

The role of WUM in these next stages is substantial. Our university is co-developing the educational curriculum, supporting microcredential design, and in the later part of the project, will be responsible for preparing tools to assess participants’ knowledge and skills, co-developing the platform evaluation framework, and carrying out the final assessment of program outcomes. This shows that WUM’s participation is not limited to membership in the international consortium but includes key substantive and evaluative elements of the entire initiative. 

Patient safety begins with everyday decisions

The most important message of SHIELD’s first stage is simple, although its consequences are far-reaching: cybersecurity in healthcare is not an addition to “real” work, but an integral part of it. Just as we care about hand hygiene, accurate documentation, and effective patient communication, we must now think in the same way about digital hygiene. It determines whether we recognize a suspicious message, whether we properly secure data, whether we know to whom to report an incident, and how not to worsen the problem. 

The SHIELD project shows that effective education in this area should not frighten, moralize, or overwhelm people with technical language. It should teach responding calmly, recognizing threat patterns, and building good habits that can be applied every day, at the university, in the hospital, in the clinic, and at home. If we want modern, safe, and trustworthy healthcare, we must treat cyber resilience just as seriously as any other professional competency. And that is precisely why SHIELD is a project worth following closely: because it concerns not only technology, but above all, the safety of people. 

Page with additional information about the project