In the Healthcare Information and Management Systems Society’s 2019 cybersecurity survey, only 22 percent of respondents said they did not experience a significant security incident over the previous 12 months. That means nearly 80 percent of responding organizations suffered a major breach.
Of course, healthcare data — to quote Halifax Health Vice President and CIO Tom Stafford at HIMSS 2019 earlier this year — remains low-hanging fruit for hackers because of its ready supply and timeless nature.
To that end, tools leveraging artificial intelligence and automation would be a wise investment for information security leaders striving to continuously evolve their protection strategies. Next-generation endpoint protection solutions, for instance, “enable [automation and orchestration] by integrating effectively with other security solutions,” writes Jeff Falcon, an inside solution architect for CDW’s security practice, in a recent blog post. In such tools, AI has the ability to identify threats in real time.
Hackers Can Leverage AI To Improve Their Attacks
Healthcare IT leaders must keep in mind, however, that many hackers already leverage AI and automation in their attack efforts.
“Though AI is having a transformative effect on the healthcare industry relative to cybersecurity, there are still serious concerns regarding the technology,” write Brian Hedgeman and Alaap B. Shah of the law firm Epstein Becker Green in a post on Lexology. “External threats may train machines to hack systems at human or superhuman levels.”
Derek Manky, chief of security insights and global threat alliances at Fortinet, agrees, saying it’s only a matter of time before new malware being developed and rolled out by cybercriminals disrupts the status quo.
“Fortunately, automation can benefit the healthcare industry just as much as it does criminals,” he writes in a Fortinet blog post. “As security automation develops, it enables healthcare security professionals to keep pace with the growing onslaught of malware attacks that are specifically targeting their sector.”
Automation, Manky continues, can help security leaders with traffic segmentation and can also improve — or even replace — basic security functions, such as device patching and network device configuration.
“Driving toward intent-based security will enable organizations to leverage the power of automation and integration as critical tools to combat the constantly evolving ransomware and malware attacks on the horizon,” he says.
A Well-Rounded Protection Strategy Is the Best Strategy
Despite the benefits AI and automation offer for security, it’s still important for healthcare providers to have a well-rounded protection strategy, Hedgeman and Shah say.
“Organizations should continue to maintain a team of highly skilled security personnel to oversee the implementation and use of AI tools and be on hand to make critical, real-time decisions where automation cannot resolve a cybersecurity issue,” they write.
I agree. When it comes to security, organizations can never be too careful.