AI For Effective Healthcare Cyber Resilience

Artificial intelligence is being used in a variety of ways in the healthcare industry, and one area where it is proving to be an effective asset is cybersecurity. 

Healthcare CIOs and CISOs should recognise that AI has the ability to enhance technology’s ability to identify malicious activity and attackers and to protect systems and data, healthcare cybersecurity experts say.

AI does so in different ways

“Machine learning and artificial intelligence can be used to augment and/or replace traditional signature-based protections,” said Robert LaMagna-Reiter, senior director of information security at First National Technology Solutions, a managed IT services company that, among other things, advises on cybersecurity issues. “One area is security information and event management alerting, or anti-virus solutions.”

With the immense amount of data, security personnel cannot efficiently sift through every event or alert, whether legitimate or a false-positive, machine learning and AI solve this problem by looking at behavior versus signatures, as well as taking into account multiple data points from a network, LaMagna-Reiter explained.
“By acting on behavior and expected actions versus outdated or unknown signatures, the systems can take immediate actions on threats instead of alerting after the fact,” he added.

Artificial intelligence also can assist with “self-healing” or “self-correcting” actions, LaMagna-Reiter said.
 “For example, if an antivirus or next-generation firewall system incorporates AI or behavioral monitoring information, assets with abnormal behavior – signs of infection, abnormal traffic, anomalies – can automatically be placed in a quarantined group, removed from network access,” he said. 
“Additionally, AI can be used to take vulnerability scan results and exploit information to move assets to a safe-zone to prevent infection, or apply different security policies in an attempt to virtually patch devices before an official patch is released.”
Further, if abnormal activity is observed, prior to any execution AI can wipe the activity and all preceding actions from a machine, LaMagna-Reiter explained. “Essentially, every action is recorded and monitored for playback, if necessary,” he said.

Cyber-security is one of the most prominent use-cases for machine learning and artificial intelligence, said Viktor Kovrizhkin, a security expert at DataArt, which builds custom software for businesses.
“The main niche for applying machine learning and complex AI systems in healthcare cybersecurity is reactive analysis and notification or escalation of potential problems,” Kovrizhkin said. “In combination with other infrastructure components, a machine learning-based approach may respond with actions to anticipate potential data leaks.”
Making use of artificial intelligence is a progressive action, where a system constantly trains and identifies patterns of behavior and can discriminate between those considered normal and those that require attention or action, said Rafael Zubairov, a security expert at DataArt.
“For this, the machine can use a variety of available data sources, such as network activity, errors or denial of access to data, log files, and many more,” Zubairov said. “Continuous interaction with a person and information gathering after deep analysis allow systems to self-improve and avoid future problems.”
But successful use of artificial intelligence in healthcare requires a top-down approach that includes an executive in the know, LaMagna-Reiter said.
“An organisation must implement a defense-in-depth, multi-layer security program and have an executive-sponsored information security function in order to fully realise the benefits of implementing machine learning and AI,” LaMagna-Reiter explained. 
“Without those, machine learning and AI would be under-utilised tools that don’t have the opportunity to take the security program to the next step. Machine learning and AI are not a silver bullet, or even a one-size-fits-all solution.”

Healthcare News:

You Might Also Read:

Is It Really Possible to Protect Your Health Data?:

Healthcare Sector Accounts For 43% Of UK Data Breaches:

How Cybercrime Affects The Healthcare Industry:

 

« Hackers Attempt To Penetrate US Nuclear Plants
Are Corporate Cyber Defenses Adequate? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Clayden Law

Clayden Law

Clayden Law are experts in information technology, data privacy and cybersecurity law.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

BackupVault

BackupVault

BackupVault is a leading provider of completely automatic, fully encrypted online, cloud backup.

Shavlik Protect

Shavlik Protect

Shavlik Protect is an easy-to-use security software solution that discovers missing patches and deploys them to the entire organization.

Eversheds Sutherland

Eversheds Sutherland

Eversheds Sutherland is a global multinational law practice offering a full range of commercial and IT law services including Privacy, Data Protection and Cyersecurity.

International Organization for Standardization (ISO)

International Organization for Standardization (ISO)

ISO is an independent, non-governmental international standards organization. The ISO/IEC 27001 is the standard for information security management systems.

Cellebrite

Cellebrite

Cellebrite delivers comprehensive solutions for mobile data forensics and mobile lifecycle management.

CamCERT

CamCERT

CamCERT is the national Computer Emergency Response Team for Cambodia.

Repository of Industrial Security Incidents (RISI)

Repository of Industrial Security Incidents (RISI)

RISI is a database of cyber security incidents that have (or could have) affected process control, industrial automation or SCADA systems.

Sepio Systems

Sepio Systems

Sepio is a leader in the Rogue Device Mitigation (RDM) market, and the developer of Sepio Prime - a SaaS solution for protecting organizations from hardware based attacks and threats.

TechArch

TechArch

TechArch helps customers to optimize their investments in cybersecurity by providing them independent and vendor-neutral consultation and guidance.

Gita Technologies

Gita Technologies

Gita Technologies works to create integrated solutions to the thorniest problems in the field of intelligence and cyber today.

iProov

iProov

iProov delivers authentication and verification simply and securely, based on a genuine one-time biometric.

Sompo International

Sompo International

Sompo International is a global specialty provider of property and casualty insurance and reinsurance services including Cyber & Network Risk.

AngelList

AngelList

AngelList champion startups and the people who empower them. Search tech & startup jobs, find new tech products, and invest in startups.

Onsist

Onsist

Onsist brand protection services provide proactive defense against fraudulent use of your brand online.

36 Group

36 Group

36 Group's criminal law team, has the experience and specialist knowledge to conduct effectively trials heavily concerned with the growing phenomenon of Cybercrime.

1Touch.io

1Touch.io

1touch.io Inventa is an AI-based, sustainable data discovery and classification platform that provides automated, near real-time discovery, mapping, and cataloging of all sensitive data.

IPKeys Cyber Partners

IPKeys Cyber Partners

IPKeys Cyber Partners, together with the IPKeys Power Partners unit, provide Cyber Security and CIP Compliance for utilities, grid operators and public safety organization across the USA.