Abstract : Cybersecurity is a real threat in almost all human activity domains. The health sector is a particular vulnerable target for cybercriminals. The first reason is obviously the financial incentive: the value of the content of a personal electronic health record, sold on the darknet, easily exceeds 1000 US dollars. The second reason is the aging Information Technology (IT) infrastructure we are dealing with, both in the hospital sector as well as in the vast majority of private medical practices. There is also an astonishing lack of environmental consciousness and an absence of a real safety culture in the medical profession. Very often there is neither an institutional basic training, nor a continuous and mandatory education in institutional cybersecurity. There is no single magic bullet to solve the problem, but various mechanisms can be put in place to mitigate the risks and limit the hazards as much as possible.