Skip to main content

Cybersecurity for hospitals and medical facilities

Enroll Now

About This Course

The course Cybersecurity for hospitals and medical facilities is a professional extension of the Cyber Security Overview for IT Administrators course. The course will give you insight into general cybersecurity topics addresed in hospitals and other medical facilities. It will acquaint you with the most common threats shown on foreign and domestic examples. It will also guide you through the domain of risk assessment. Moreover, the course materials will provide the basics of logs and network monitoring with the help of real examples from practice. Do not hesitate and enroll in the course right now!

Meet your lecturers

Course Outline

  • The most common cybersecurity threats of hospitals and other medical facilities
    • Examples of real-world attacks and their impact
  • Risk assessment
    • Infrastructure assessment
    • Preparation of recommendations for new technologies
    • Medical equipment and the assessment of their risks
    • Telemedicine trends
    • Legislation on the state critical information infrastructure
  • Risks mitigation and attack response
    • Segmentation of network, devices, or users
    • Access control implementation
    • Firewall setup recommendation
    • Data backup approaches
  • Monitoring
    • Logs, network
    • Basics of incident detection and investigation


  • Successful completion of the Cyber Security Overview for IT Administrators course.
  • Basic knowledge of IT in hospitals such as Hospital Information System, PACS, etc.
  • Basic overview of the operation of the hospital.
  • Basic knowledge of command line and scripting.
  • Basic knowledge of principles of operating systems and their architectures.
  • Knowledge of operating system administration.
  • Knowledge of the common networking and routing protocols (e.g., TCP/IP), services (e.g., web, mail, DNS), and how they interact to provide network communications.

Learning Outcomes

Once you finish this course, you will be able to:

  • Understand common threats and assess the infrastructure.
  • Understand, analyse, and apply security hardening of network infrastructure with medical devices to prevent potential attack vectors.
  • Use the experience from previous trainings applied on real infrastructure.


  • Lee Brotherston and Amanda Berlin. Defensive security handbook: best practices for securing infrastructure. First edition, O’Reilly, 2017. ISBN: 9781491960387.
  • NIST, Cybersecurity Framework - Available here
  • NIST, Implementing a Zero Trust Architecture - Available here
  • Enisa, Procurement Guidelines for Cybersecurity in Hospitals - Available here


    Q: I have an issue with registration/logging in. Who can I contact?
    A: In this case, please contact our edX administrator —
    Q: Do I need some sort of special equipment for passing the course?
    A: No. You don't need any special equipment. You will just basically need a PC or a notebook with an internet connection for studying our course.
    Q: What's the difference between your course and other online courses that seem the same?
    A: Besides the course's theoretical background (during its self-study part), it is primarily focused on practical tasks with hands-on exercises, final an assignment, and one day workshop.
    Q: I have some experience in the field that your course covers. I just need to study topics I am not experienced with. Can I just skip those parts of the course I already know?
    A: The whole self-study part of the course is focused on your own learning process. It means you can study as fast or as slow as you can at the moment. It also includes the content itself — our course allows you to learn just those important parts. But it is crucial to accomplish all mandatory tasks to finish our course.
    Q: What are the conditions for successful completion of the course?
    A: You need to accomplish the course's final assignment and be present at the workshop (which will be followed after the self-study part of the course). The final assignment consists of two parts. They are connected to the workshop, so they are a crucial element of this course.
    Q: What if I find out that the course is not useful for me?
    A: Of course, this can happen. In the first place, we recommend you contact the course administrator to help you anyhow. Even after that, if you still feel that our course does not suit you, just stop studying and let us know.

Sub-project TN01000077/8 CSIRT BootCamp implemented within the project TN01000077 The National Center of Competence for Cybersecurity is solved with the financial support of TA ČR.