US health officials call for surge in funding and support for hospitals in wake of cyberattacks that diverted ambulances. Of course, some of the "funding and support" is imposing stricter fines for providers who have lax cybersecurity.
Some amount of cybercrime is inevitable. However, there still is a shocking lack of cybersecurity among healthcare providers. Patching (regularly applying software patches when they are issues by the software providers), good data backups, network segmentation (keeping secure parts of your network -- which don't need internet connections -- separated from the parts of the network that do need internet connections), and phishing training can eliminate the vast majority of cybersecurity incidents. If you're not doing that, you probably deserve stricter fines.