ARCHIVES

The accelerating digitization of clinical environments—through cloud-hosted services, the Internet of Medical Things (IoMT), and interoperable electronic health records—has substantially expanded the attack surface of healthcare delivery organizations. Traditional, signature- and rule-driven defenses respond poorly to fast-evolving, polymorphic, and zero-day intrusions that target sensitive patient data and life-critical clinical workflows. This work proposes an Adaptive AI-Driven Threat Intelligence Framework engineered to deliver proactive cyber defense across heterogeneous healthcare information systems. The framework couples supervised classifiers, unsupervised anomaly detectors, and sequence-aware deep learning to perform continuous monitoring, behavioral profiling, and predictive threat detection. By correlating real-time telemetry from network flows, system and authentication logs, IoMT device events, and curated external Cyber Threat Intelligence (CTI) feeds, it surfaces novel and evasive attack patterns that fixed-rule systems miss. An adaptive learning loop retrains detection models and refreshes security policies as new evidence arrives, while explainable-AI components surface human-readable rationale for each alert. Experimental evaluation in a simulated hospital environment shows measurable gains in detection accuracy, sharp reductions in mean time to detect (MTTD) and mean time to respond (MTTR), and stronger alignment with healthcare data-protection mandates such as HIPAA and GDPR.