Cyber Resilience in Healthcare: Chao Cheng-Shorland on Designing Systems That Never Stop

Healthcare Cyber Resilience: This exclusive interview explains why cyber resilience is a clinical priority, how real-time EHR continuity protects patient care, and what healthcare leaders must do to stay ahead of cyber threats.

Ransomware attacks, system outages, and data breaches are no longer edge cases in the healthcare industry – they are becoming an everyday operational reality. Yet many healthcare centres are still relying on the same cyber playbook they used a decade ago: detect, patch, recover, repeat.

The result is an industry stuck in a cycle of reaction, where clinical teams are left navigating downtime with workarounds that put patient safety, data integrity, and trust at risk. Chao Cheng-Shorland, CEO of ShelterZoom, challenges that traditional mindset.

She explains why perimeter-based defences are no longer sufficient and how ‘patch fatigue’ is becoming a growing risk in healthcare environments. Chao also breaks down how real-time Electronic Health Record (EHR) continuity works, why downtime planning needs a rethink, and why prioritizing resilience will soon become a basic requirement – not a competitive advantage.

Cyber Resilience and Industry Context

Healthcare has become one of the most aggressively targeted sectors for ransomware. From your vantage point, what fundamental gaps in today’s cybersecurity and infrastructure strategies make healthcare centers so vulnerable? And how should leaders rethink their approach?

Chao: Most hospitals still lean on traditional, perimeter-focused cybersecurity and a patchwork of systems that just weren’t built for today’s fast, relentless attacks. They pour energy into spotting threats and cleaning up messes, but they rarely tackle the heart of the issue: keeping everything running, no matter what.

To actually make a difference, leaders need to let go of the fantasy that cybersecurity alone will keep the lights on. They have to start thinking “secure-by-design and continue-by-default,” which means assuming outages and breaches will happen and building their tech so doctors and nurses don’t miss a beat—even in the middle of a crisis. Cyber resilience has to be baked into the infrastructure, just like fire alarms or emergency power.

The industry has relied on a reactive “patch-and-pray” mindset for years. How do you define “patch fatigue,” and what practical steps can organizations take today to move from reactive defense to proactive continuity?

Chao: Patch fatigue sets in when people are stuck in an endless loop, scrambling to slap on updates faster than the next threat rolls in. It burns out teams and leaves gaps for attackers. Hospitals are even more vulnerable because their electronic health records (EHRs) are so deeply interconnected. Fixing one part can mean shutting down others or causing unexpected issues elsewhere.

To get out of this trap, hospitals have to rethink the basics. They need to use systems where continuity is just how things work. That could mean having backup systems that keep running when the main EHR is down, automating patches so humans aren’t always in the hot seat and cutting down on risky manual workarounds.

When the tech is set up so essential services keep humming, even during updates, patching stops being a crisis and starts feeling routine.

A December 2024 U.S. Dept. of Health and Human Services report identified 677 major health data breaches affecting more than 182.4 million people during 2024. With such numbers, what systemic change do you believe is necessary across health systems?

Chao: The focus has to shift from just “security first” to “resilience first.” Security tries to block every threat, but resilience assumes some will get through and makes sure hospitals can still care for patients, protect data and hold people accountable when things go wrong.

So what needs to change? Health systems must:

– Upgrade outdated tech that hides problems and creates new risks.

– Use data records that can’t be tampered with, so information stays trustworthy even if someone breaks in.

– Redesign downtime protocols so clinical teams can keep working, no matter what’s happening behind the scenes.

– Demand more from tech vendors as solutions have to protect both data and the actual delivery of care.

With attackers outpacing defenses, resilience is the only way forward.

Strategic Leadership and Cyber Resilience in Times Ahead

Many clinicians and tech leaders still view cyber resilience as an IT function rather than a patient-care function. What must change in leadership mindsets to embrace continuity technology as a core part of clinical safety?

Chao: Leaders need to stop asking, “Is our data safe?” and start asking, “Can our clinicians actually take care of patients if the tech goes down?” That’s how critical industries like aviation and banking already think. Healthcare needs to catch up.

So, what needs to change?

  • Bring cyber resilience into your clinical safety committees.
  • Hold everyone at the top, such as CIOs, CMOs, COOs, accountable for keeping the lights on.
  • Treat downtime as a clinical risk you can manage, not just an IT headache.

When everyone owns continuity, not just IT, patient safety gets a major boost.

How do you envision the role of proactive continuity systems evolving over the next 3 – 5 years as cyberattack velocity and sophistication continue to rise?

Chao: Continuity systems will evolve from optional add-ons to mandatory components of healthcare infrastructure. This will entail:

  • Systems that kick in automatically when things break so no one is scrambling to flip the switch.
  • AI that spots trouble before an outage hits, so you can fix issues early.
  • Continuity tools that cover everything, not just downtime. For example, updates, patches, upgrades and the like.
  • Resilience that stretches across all your systems: EHR, imaging, pharmacy, the works, etc.

Soon, these systems will be like airbags in your car – always there in the background, barely noticeable, but lifesaving in a crisis.

Technology and Architecture

Can you explain the architecture and principles that enable Spare Tire to sync live EHR data without degrading system performance or security?

Chao: Spare Tire’s secret sauce is a read-optimized, decoupled setup that lives outside the main EHR. It syncs data in real time, using an event-driven approach, so it’s only grabbing the changes that matter, not constantly hammering the live database.

Here’s what makes it tick:

  • Non-invasive integration: The integration is hands-off. No extra strain on production systems, no code changes needed.
  • Zero-trust alignment: It’s built around zero-trust principles, namely strict identity checks, encryption everywhere and minimal access for everyone.
  • Segmentation: The Spare Tire system is totally separate, so if attackers get in, they can’t move sideways.
  • Performance neutrality: Syncing happens in the background, so clinical work isn’t slowed down.

All this means hospitals get a real-time backup that doesn’t open new security holes.

What specific innovations allow Spare Tire to activate within minutes during an outage – and what should decision-makers look for when evaluating any downtime or resilience solution?

Chao: When there’s an outage, Spare Tire can spring into action in minutes because of three things:

1. Its backup environment is always on and always synced. No panicked setup needed when disaster strikes.

2. You can easily flip the switch to backup mode during an event.

3. Clinicians don’t have to stop what they’re doing, log in somewhere new or re-enter data. They just keep working.

For decision-makers sizing up resilience solutions, the checklist is straightforward:

  • Real-time syncing, not yesterday’s data dumps.
  • Activation that takes minutes, not hours.
  • The ability to keep running, even in the middle of chaos.

How does Spare Tire prevent issues like data drift or documentation gaps during long outages, and what can readers adopt as best practices to strengthen their own downtime protocols?

Chao: Spare Tire prevents data drift through continuous bidirectional reconciliation. Every clinical action taken in Spare Tire, such as order entry, documentation or medication updates, is timestamped, versioned and automatically queued for sync as soon as the primary EHR is restored.

Key mechanisms include:

  • Event-level tracking: Captures every update with full integrity and traceability.
  • Automated sync: Eliminates manual transcription, reducing errors and gaps.

Best practices healthcare organizations can adopt today include:

  • Standardizing structured templates for downtime documentation.
  • Eliminating handwritten notes or ad-hoc shadow systems.
  • Establishing a clear chain-of-custody for all downtime records.
  • Practicing downtime drills the same way hospitals practice disaster drills.
  • Reducing manual intervention dramatically improves accuracy and continuity.

Bottom line: The less manual work you have, the better your accuracy and continuity.

Guidelines for New Tech Leaders

What advice would you like to give to future healthcare tech leaders in the cyber space?

Chao: If you’re leading in cyber, here’s what matters:

  • Keep things simple. The more complex your setup, the bigger your risk.
  • Plan for failure. Build your systems so they keep running, even when something goes wrong.
  • Focus on people. Every tech choice should make things safer and better for real humans.

Cybersecurity is oftentimes thought of as just defending computers, but really it’s about protecting trust. The leaders who get that will set the pace for everyone else.

Closing thoughts:

This conversation makes one thing clear: the future of cybersecurity in healthcare will be defined less by how well organizations block attacks and more by how well they continue to operate when attacks succeed.

Chao Cheng-Shorland’s perspective challenges leaders to rethink resilience as clinical infrastructure, not an IT contingency. As cyber threats grow more frequent and outages more disruptive, the ability to keep care moving, data accurate, and clinicians confident will become a baseline expectation for every healthcare organization. Those who build for continuity today will be far better prepared for the realities of tomorrow.

Keynotes for tech leaders

What can healthcare CTOs and CIOs do?

  • Evaluate downtime readiness from the clinician’s perspective
  • Identify systems that must remain operational at all times
  • Reduce manual processes during outages to limit risk
  • Test continuity plans with the same rigor as emergency response

Resilience isn’t about preventing failure – it’s about ensuring care never stops.

About the Speaker: Chao Cheng-Shorland is a market leader in cyber resilience and digital content control SaaS solutions. She is a highly experienced executive, internationally renowned for applying inventive business methods and innovative technology to create real value for enterprises and organizations of all sizes. Under her leadership, ShelterZoom has successfully delivered two industry-first, next-generation cyber resilience and smart document platforms that have revolutionized many industries. As a result, ShelterZoom has won multiple global awards, such as Top 50 Startup 2021 at WorldFestival and SIIA CODiE Best Emerging Technology 2018. She was also named Female Innovator of the Year by Women World Awards, The Responsible 100 by NY City & State as one of New York’s 100 most outstanding corporate citizens, and an Exceptional Australian by the Australian Government.

Gizel Gomes

Gizel Gomes is a professional technical writer with a bachelor's degree in computer science. With a unique blend of technical acumen, industry insights, and writing prowess, she produces informative and engaging content for the B2B leadership tech domain.