KEY POINTS Cyberattacks can incur privacy breaches and financial harm, as well as directly threaten patient safety and health system functioning. Reducing the risk of cyberattacks and managing those that do occur happens in 4 stages: prevention, detection, response and recovery. As novel areas of cyberthreats emerge (e.g., Internet-connected devices), clinicians and health organizations should be vigilant for recalls, keep software up to date and discuss possible risks with patients.