AI can bypass cybersecurity controls
Healthcare organizations are becoming more adept at turning the vast amounts of data they collect, store, and share into actionable insights. They are turning to AI-powered solutions to use more meaningful analytics and support clinical decision-making. We are also exploring ways to use AI to reduce administrative burden on staff and streamline workflows.
All of this data is very attractive to cybercriminals who are serious about business intelligence. In other words, they are using AI to break through healthcare cybersecurity controls, making no distinction between small community hospitals and large health systems. It's all fair game to them.
There are several AI-related attacks that malicious actors deploy. Commoditized AI-powered attacks rely on kits and services. Malicious attackers who don't know much about how the algorithm works could simply buy the solution on the dark web and launch their own attacks. Examples include the use of deepfakes to improve data-intensive password cracking, hacking assistance, and social engineering attempts.
Discover: Follow these best practices to improve cyber resilience in healthcare..
Emerging AI-powered cyberattacks include ransomware, advanced persistent threats, and business email compromises. These attacks use AI to power kits that exist on the dark web. In some ransomware cases, the use of AI ransom negotiators can make things even more difficult.
AI-assisted APTs can be particularly harmful as malicious attackers use AI to continuously attack the same healthcare system in different ways, looking for opportunities to penetrate networks. . These attacks can require months of intense monitoring. Malware collecting information from healthcare organizations can remain undetected, evade security tactics, and begin leaking sensitive information at a slow rate.
Cyber attacks are becoming increasingly sophisticated. Executives and other leaders will be prime targets as malicious attackers seek to obtain valuable information that impacts multiple healthcare systems.
AI can support and enhance cybersecurity defenses
More and more vendors are integrating AI into their cybersecurity solutions. Cisco recently announced his HyperShield, a new security product using AI. Google Cloud and Palo Alto Networks announced an expansion of their partnership to continue strengthening cybersecurity with AI.
So while the use of AI by bad actors is a serious concern, industry leaders like Google CEO Sundar Pichai are also excited about how AI can help organizations defend against cyberattacks.
AI solutions can help discover and classify data, provide visibility into where security gaps exist, justify access privileges, and create business processes to protect data. When it comes to identity access, you need to decide when and how to apply profile policies. The key is understanding business value and workflow and what will maintain survivability. Organizations need to treat cybersecurity as a business decision, not just an IT decision.
Second, AI response systems can help with infrastructure design. These are complete defense systems that can detect intrusions because they operate with telemetry read in near real-time. These platforms can intelligently process information within nanoseconds and protect your data when perpetrators attempt to access your network. This robust analysis and response speed is enhanced with the help of AI in cybersecurity products.
read more: AI can help healthcare organizations improve the security of patient data.
Finally, AI helps with backup intelligence, or smart recovery orchestration. If a specific server or region is attacked, that backup intelligence allows you to restore your data. You may not even realize that the affected files have been deleted and restored with clean data. This requires proactive monitoring. Capacity planning is improved because the backup system can better manage storage consumption.
In the realm of cybersecurity strategy, the importance of the National Institute of Standards and Technology's Cybersecurity Framework 2.0 cannot be overstated. It shines a light on the security network within an organization, beyond the security operations center.
This revised framework promotes inclusivity, engages diverse stakeholders, and dispels the notion that security is the concern of only one team. Standardize terminology across IT to foster consistent communication and bridge the gap between executives and front-line security personnel. Applying this framework across your enterprise expands the reach of decision-makers and instills confidence and ownership in all involved.
This article is part of health tech's Monitor blog series.
