Former NSA Director Calls for Robust Health Care Cyber Defenses

Former U.S. Cyber Command Commander and NSA Director Gen. Paul Nakasone called for a forward-thinking approach to cybersecurity and innovation as the health care sector grapples with rising cyber threats and the need for technological advancements.

“How do we think about today, the present and, of course, of the future, of what our health care sector needs to ensure that we adapt, adopt and advance these technologies,” Nakasone said at HIMSS 2025 in Las Vegas, Nevada, Wednesday. 

Cybersecurity Lessons from COVID-19

In March 2020, the Department of Health and Human Services (HHS) and the Defense Department (DOD) secretaries worked together through Operation Warp Speed to accelerate vaccine development from years to months and create secure communication channels to bolster partnerships as government and industry collaborated to develop solutions.

Nakasone said Operation Warp Speed serves as a model for rural health care centers to prevent ransomware attacks. A recent report from Microsoft identified that rural hospitals provide critical health services for nearly 14% of the U.S. population and are increasingly vulnerable to cyberattacks. Nakasone said an average hospital ransomware attack in 2024 cost $1.9 million a day in revenue. 

“We have to get beyond just talking about the problem of ransomware … we’re always on the right-hand side talking about what occurred. I want to talk about how to get on the left-hand side, so we don’t have these ransomware attacks,” said Nakasone.  

Investing in the Next-Gen Workforce

Over the next five years, Gen Z will become the largest population of the federal workforce, Nakasone said. He recommended agencies and organizations increase their commitment to bridging knowledge and skills gaps to boost national security.

“I often say, in the future, I want policymakers who can code and coders who understand policy. Wouldn’t it be nice to have clinicians who code? Coders who understand what clinicians do?” said Nakasone.

Nakasone compared the current investments in AI and computing infrastructure to those made in the 1990s for internet infrastructure. Nakasone said computing requires data, semiconductor chips and talent, adding that policy will need to encourage cyber education like the National Defense Education Act.

“I’m very hopeful that we’ll have [something that] looks at technology for the future in the same way that we had a Sputnik moment in the 50’s,” said Nakasone. “I’m hopeful that the same way we look at this as our funding moment, and then we have a huge number of graduates in the future that understand science, technology, engineering and mathematics.”