Poster Poster Program Therapy Physics

Awareness, Perceived Importance, and Preparedness for Contingency Planning In Radiation Oncology Against Cyberattacks: A Survey of AAPM and EFOMP Members

Abstract

Purpose

Cyberattacks pose a growing threat to the continuity of radiation therapy services. Establishing contingency plans (CPs) is critical for rapid recovery post-cyberattack and for maintaining operational resilience. However, the extent of awareness, perceived importance, and preparedness for such plans among radiation oncology departments in the United States and Europe remains insufficiently understood. This study aimed to evaluate these factors within the radiation oncology community.

Methods

A five-question survey addressing awareness, perceived necessity, and implementation status of cyberattack CPs was developed based on AAPM Task Group 393 and endorsed by EFOMP. The survey was distributed electronically to members of AAPM and EFOMP. Responses were analyzed by institution type and institutional size, categorized by the number of treatment machines. Differences in categorical variables were assessed using chi-square tests.

Results

A total of 317 responses were collected (AAPM: 156, EFOMP: 161), with 248 included in the final analysis. Overall, 38.3% of respondents reported being well informed about cyberattack CPs. Awareness was significantly higher among larger institutions (≥5 treatment machines) compared with smaller facilities (≤4 machines) (46.2% vs 31.3%, P =0.01). While 64.6% considered CPs essential, 27.3% viewed them as desirable but impractical, and 4.8% deemed them unnecessary. Preparedness was also greater in larger hospitals (7.6% vs 17.1%, P = 0.04). No significant differences were observed between AAPM and EFOMP respondents. Compared with a similar survey but with smaller scale in USA 2022 , awareness remained stable (from 41.9% to 38.3%, P = 0.7), whereas preparedness showed an increase (from 0% to 12.1 %, P < 0.05).

Conclusion

Awareness, perceived importance, and preparedness for cyberattack and post-cyberattack contingency planning remain limited in radiation oncology, particularly among smaller institutions. Focused education and practical implementation strategies are needed to strengthen resilience against evolving cyber threats.

People

Jonas S AndersonAuthors · Department of Diagnostics and Intervention Umea University Charles M. Clements, MSAuthors · Elekta Reshma Munbodh, PhDAuthors · Department of Pediatrics Yale School of Medicine Samantha G. Hedrick, PhDAuthors · Covenant Health Proton Center Marc Mlyn, MSAuthors · RaySearch Laboratories Matthew C. Walb, PhDAuthors · Icon Cancer Centre Bruce H. Curran, MEngAuthors · Virginia Commonwealth University Medical Center Peter Balter, PhDAuthors · The University of Texas MD Anderson Cancer Center Brendan Anthony McClean, PhDAuthors · Dept of Physics St Luke’s Radiation Oncology Network Brett A. Miller, MSAuthors · University of Tennessee Medical Center Adam SchoenAuthors · Varian Medical Systems Byong Yong Yi, PhDPresenting Author · Department of Radiation Oncology, University of Maryland School of Medicine Baoshe ZhangAuthors · Department of Radiation Oncology, University of Maryland School of Medicine Robert Clell Miller, MDAuthors · Mayo Clinic College of Medicine