Endpoint Detection and Response (EDR) in Healthcare: Mitigating Threats on Critical Devices

Authors

  • Anjan Kumar Gundaboina

DOI:

https://doi.org/10.47941/jts.2878

Keywords:

Healthcare, Cybersecurity, Endpoint Detection and Response, Medical Devices, Ransomware, Real-Time Monitoring, Internet of Medical Things.

Abstract

Purpose: This paper aims to identify strategies for designing, implementing, and evaluating EDR to protect mission-critical medical devices and workstations in healthcare environments.

Methodology: The exercise involved installing EDR elements across a sample of a healthcare organization's endpoints and using bots to stage selected cyber threats. This gives controlled exposure to real-life attack scenarios, which is used to assess detection, response time, and impact on the system.

Findings: Endpoint Detection and Response (EDR) solutions are gradually emerging as preventive security measures against new-age threats. EDR programs are a more advanced form of antivirus (AV) tools: they provide endpoints with real-time monitoring, context-aware detection, automated action, and investigation across numerous phases. The study shows how EDR platforms reduce dwell time, detect advanced threats in real time, and isolate affected devices to prevent disruptions in healthcare facilities.

Unique Contribution to Theory, Practice and Policy: The study argues for the systematic integration of EDR into healthcare cybersecurity frameworks as a cornerstone of the security of the healthcare system and the patient.

Author Biography

Anjan Kumar Gundaboina

Senior DevSecOps and Cloud Architect

Published

2025-07-01

How to Cite

Gundaboina, A. K. (2025). Endpoint Detection and Response (EDR) in Healthcare: Mitigating Threats on Critical Devices. Journal of Technology and Systems, 7(4), 50–65. https://doi.org/10.47941/jts.2878

Issue

Section

Articles