Role of Machine Learning and AI in Healthcare Cyber Security

by Jim Massey
Published on January 12, 2018

Security threats are major concerns to health care organizations due to the value and vulnerability of clinical data that is being recorded and distributed. The value of the data comes from the fact that it is historical in nature, it directly affects our ability to safely treat patients, it takes a long time to rebuild, and it contains more than just clinical data, such as personal, financial, and demographic data which allow it to be used for wider identity theft. It is persistent, whereas you can change credit cards and their passwords, PINs and account numbers in the event of a breach, you cannot change your mother’s maiden name. The vulnerability comes from the fact that there has been a revolution in health care with the interconnection of systems, cloud computing, IOHT and mobile devices and the changes in working practices of clinicians, such as remote monitoring, telemedicine, and working from home. This revolution has not always been matched with the security awareness, policies, practices, and budgets of health care organizations.

There has been an increasing sophistication of attacks using social engineering techniques (e.g. Phishing) that can overcome “traditional” defenses such as anti-virus, rule and signature based detection systems. But before looking at what new AI based tools can do for organizations, I would like to suggest that these are only more sophisticated tools, and without the basics in place they will fail to deliver on their promises.

Good systems management is important, keeping not just the central servers up to date with security patches but also connected devices, and to do this, assessments of suppliers’ security policies and procedures should be a key part of your procurement department’s process for selecting devices which may be attached to the system.

Information Governance is key, defining critical data, knowing how the data is managed both in transit and at rest, and having defined, usable policies and processes, is much more important than adding more technology to a fractured system. Similarly, education and awareness are necessary so that everyone on the system is regularly made aware of these policies, not just on induction day. As threats are evolving, staff should be kept aware of the people side of security with ongoing campaigns such as anti-phishing behavior management. However, all this is just guess work if you do not know how effective it all is and there should be regular penetration testing of the systems to ensure that you know your defenses are up to date and effective.

Doing all of this means there is a shortage of security experts to help ensure your custody of your patients’ data remains as effective as time moves on, this is where AI and Machine Learning may be able to help healthcare cyber security. However merely purchasing new tools does not improve defenses, they need to be deployed, maintained and monitored to provide effective defense.

Security Information and Event Management (SIEM) software products and services provide real-time analysis of security alerts generated by network hardware and applications and are also used to log security data and generate reports for compliance purposes. By combining this real-time data gathering with Threat Intelligence, extending the storage of this data over time and applying the enhanced analytics capabilities that come with Machine Learning and AI techniques, it improves the detection of attacks around the clock with less skilled staff. By looking at past performance it becomes possible to analyze user and device behaviors to detect activity that is out with the expected patterns from the devices or users much quicker and more accurately than human observers can. This use of AI in health care cyber security is becoming more and more important for protection of on-site systems and as health care networks expand and data and processing gets pushed out into the “cloud”.

Ai and Machine Learning offers health care organizations a way of securing their patients’ data as health care evolves, without relying on scarce high-cost skills, but will only meet its promise if the basics of information governance, awareness and education are in place first.

Fresh from our blog

Adopting intelligence and digital health innovation in tertiary care

by Dr Ahmad AbuSalah
December 12, 2022
To cope with increased demand, King Faisal Specialist Hospital has developed intelligent tools for day-to-day operations management and planning activities.

Machine learning speeds up digital transformation at the King Faisal Specialist Hospital & Research Centre

by Dr. Osama Alswailem
July 6, 2021
In partnership with Cerner, the King Faisal Specialist Hospital & Research Centre (KFSH&RC) has been on a three-decade journey of digital transformation. CIO, Dr Osama Alswailem explains how machine learning and AI have built this capacity for innovation.

Data-driven technologies to improve health outcomes

by Ahmad Yahya | Romel Khalife
June 16, 2021
In an interview with Gulf News, Ahmad Yahya, CIO/COO at AHD explains how the marriage of next-gen tech and data is delivering an improved experience for patients and Romel Khalife, Lead Client Accountable Executive for Cerner in the Middle East and Africa, explains why its high-profile project with American Hospital Dubai is a pioneering initiative.

The power of data transforming health care

by Akram Sami | Dr Mohamed AlRayyes
December 9, 2020
In an interview with the Hospitals magazine, Akram Sami, General Manager of UAE and Kuwait, Cerner Middle East and Africa, and Dr Mohamed AlRayyes, the Senior Physician Executive, Cerner Middle East and Africa, talk about the significance of artificial intelligence adoptions and data-driven innovations in the health care industry today.