This ARPA-H–funded project is a collaboration between MD Anderson, UTEP, UTSA, and the University of Illinois Urbana-Champaign. The project applies advanced AI and machine learning approaches to cybersecurity analysis in the healthcare sector by combining large language models (LLMs) with cybersecurity data sources through a retrieval-augmented generation (RAG) framework. The work involves fine-tuning LLMs using existing cybersecurity data repositories, including the Common Weakness Enumeration (CWE), Common Vulnerabilities and Exposures (CVE), and documented attack patterns from the MITRE ATT&CK framework. Within the AI-driven RAG pipeline, relevant information is retrieved from these repositories and integrated with the LLM to enhance contextual understanding and response accuracy. The resulting system identifies potential threats and examines changes in the security posture of a healthcare system’s network infrastructure. A key component of the system is its use as an interactive AI tool that allows system administrators to engage in natural-language conversations with the LLM about identified threats and potential mitigation strategies. This interaction supports more transparent, informed, and actionable decision-making in a healthcare network environment.