AI-Driven Threat Intelligence in Healthcare Cybersecurity: A Comprehensive Survey

Abstract

This study explores how Artificial Intelligence (AI) can be effectively applied across critical cybersecurity functions in the healthcare domain by analyzing four focused themes. These include real-time threat detection using supervised machine learning, interpretable threat intelligence via explainable AI (XAI), NLP-based cyber threat monitoring from open-source data, and intelligent Identity and Access Management (IAM) systems for insider threat mitigation. Each theme is investigated through selected peer-reviewed studies that collectively demonstrate AI’s role in automating threat detection, improving prediction accuracy, enhancing model transparency, and securing access to Electronic Health Records (EHRs). The review also identifies core challenges such as limited real-world deployment, lack of model interpretability, and insufficient multilingual threat processing. Finally, this paper proposes future enhancements including federated AI models, real-time NLP pipelines, and adaptive IAM systems tailored for evolving threats in clinical environments.