AI can bypass cybersecurity controls
Healthcare organizations are trying to become better at turning the vast amount of data they collect, store and share into actionable insights. They use more meaningful analytics and turn to AI-based solutions for clinical decision support. They are also looking for ways to use AI to reduce administrative burden on staff members and streamline workflows.
All this data is very attractive to cybercriminals, who are actually attacking business intelligence. So they’re using AI to break healthcare cybersecurity controls, and they don’t differentiate between the two. small community hospital and large health systems. It’s fair game for them.
There are several AI-related attacks that malicious actors will deploy. Commoditized AI-based attacks rely on a kit or service: bad actors who don’t know much about how an algorithm works can simply purchase a solution on the dark web and launch their own attacks. Some examples include data-intensive password hacking, assisted hacking, and using deepfakes to improve social engineering attempts.
DISCOVER: Follow these best practices to improve cyber resilience in healthcare.
Some emerging AI-assisted cyberattacks include Ransomware, advanced persistent threats and business email compromise. In each of these attacks, AI is used to enhance kits that exist on the dark web. In some ransomware cases, using an AI ransom negotiator could make the situation even more difficult.
AI-assisted APTs can be particularly dangerous because malicious actors use AI to systematically attack the same healthcare systems in different ways and look for a window of opportunity to penetrate networks. These attacks can require months of close monitoring. Malware that collects information from a healthcare organization can go unnoticed and begin exfiltrating sensitive information at a slow rate, evading security tactics.
Cyberattacks will become more sophisticated. Senior executives and other leaders will be prime targets when bad actors attempt to obtain valuable information affecting multiple health systems.
AI can support and strengthen cybersecurity defenses
A growing number of vendors are integrating AI into their cybersecurity solutions. Cisco recently revealed HyperShield, a new security offer which uses AI. Google Cloud And Palo Alto Networks announcement an expanded partnership continue to strengthen cybersecurity with AI.
So while the use of AI by malicious actors is of great concern, industry leaders such as Google CEO Sundar Pichai are also hopeful on how AI can help organizations defend against cyberattacks.
AI solutions can facilitate data discovery and classification, providing visibility into security vulnerabilities, justifying access privileges, and creating business processes to protect data. When it comes to identity access, we need to determine how and when to apply profile policies. It’s really about understanding the business value, the workflow and what maintains viability. Organizations must view cybersecurity as a business decision, not just an IT decision.
Next, AI response systems can help with infrastructure design. These are comprehensive defense systems capable of detecting intrusions, since telemetry is read and used almost in real time. These platforms can intelligently process information in nanoseconds and protect the data when perpetrators attempt to access the network. This robust analysis and speed of response increases with the help of AI in cybersecurity products.
LEARN MORE: AI can help healthcare organizations strengthen patient data security.
Finally, AI will contribute to backup intelligence or intelligent recovery orchestration. If a particular server or region is attacked, this backup intelligence will be able to restore the data. You may not even notice that the affected file has been deleted and restored with a new data table. It needs proactive monitoring. This will improve capacity planning because now the backup system can better manage its storage consumption.
In the field of cybersecurity strategy, the importance of National Institute of Standards and Technology Cybersecurity Framework 2.0 cannot be overstated. It illuminates the security network within an organization, transcending the boundaries of the security operations center.
This revised framework promotes inclusiveness, bringing together diverse stakeholders and dispelling any notion that security is the sole concern of a single team. It facilitates consistent communication by standardizing terminology across IT, bridging the gap between leadership and frontline security staff. Applying the framework enterprise-wide can broaden the spectrum of decision-makers, building a sense of trust and ownership among all parties involved.
This article is part of Health TechnologyIt is MonITor Blog Series.
