Cybersecurity and AI in Health Applications

Cyber-crimes affect companies from all industries like IT, Legal, Education, Manufacturing, Finance. Healthcare is one of the most targeted since this sector relies on the perpetual exchange of big volumes of valuable data.

Amid a health crisis, a cyberattack targeting healthcare IT systems around the world takes place every three days [1].

Since the beginning of the second decade of this millennium, cyber threats and data breaches increase rate has spiked disturbingly. Cyber regulations are evolving and requiring healthcare facilities to address more than just the patient’s illnesses. Also responsible for the security of their data, they make health care information security a priority. And they are pushed to do it. Any intrusion on the integrity of internal data can have catastrophic consequences for patients and healthcare facilities.

Healthcare Data Breaches 2016-2019
Healthcare Data Breaches 2016-2019

For healthcare companies, a breach of security is very costly. In this critical context, the health sector must be aware and ready to do everything possible to secure their health applications and data banks, by channeling enough technological and financial resources to them. The data collected in the health sector is particularly sensitive because most records become a significant liability when compromised. Healthcare organizations are prime targets for cybercriminals seeking to gain valuable information by exploiting vulnerable security systems. The risk of a breach is reduced by adopting security measures with mighty authentication methods, paired with employee training – a necessary follow-up action that some companies tend to undermine, and, therefore, risk turning into a headline in cybersecurity news sites.

One specific area of healthcare is particularly susceptible to cyberattacks, and criminals often use it to create a breakpoint - the company’s supply chain. Because health organizations rely on multiple suppliers and external services, they support a vast network where massive data is on a constant exchange. Securing such an intense pipeline of information flow is exceptionally difficult, and hackers won’t hesitate to abuse this unfortunate fact.

In the Healthcare sector, computer systems contain sensitive data and support organizations in the delivery of quality patient services, making them a prime target for extortion attempts. Phishing, in which a cybercriminal poses as a legitimate organization or individual to entice trust, is a common form of attack. Emails have always been a possible point of entry, filled with bogus attachments and links to fake websites. Email breach is of particular concern in healthcare, as staff consistently uses emails to exchange highly valuable data. If an employee’s email login information is stolen or disclosed - including their username and password - they can be used by criminals to gain access to patient records, and based on this employee level of access, possibly leverage even further damage.

Applications at the service of health: pay attention to the data!

The concept of e-health is not technologically innovative. The service itself is not advanced by any means; what is innovative is the main piece of technology it uses. This tech choice consists of the provision of communicating applications allowing, here, to perform specific measures via the combined effort of a peripheral, a service platform (mainly based on cloud technologies) and a communication network [2].

The security principles and techniques applicable to e-health are, therefore, very similar to those considered by suppliers of critical connected systems. The main difference is that medical devices process health data, which is among the most lucrative for cybercriminals. Personal medical records reside under the aegis of restrictive regulations. Such regulations impose special protection to guarantee the integrity of the patient’s privacy.

New black gold, all the corporate data collected and processed, defines the level of risk for the services that use this information. In the case of e-health, all present vulnerabilities and medical data leak possibilities must be eradicated. Data protection can break the integrity of private data. For example, sensitive information can circulate multiple communication channels and get exposed to a breach. Not even the doctor-patient is entirely bulletproof.

A data communication channel may temporarily break data integrity. For example, doctor-patient communication is vulnerable to data leaks, despite the security-laden non-disclosure agreement they both approve.

Of course, sensitive data can be partially encrypted or partially exposed. For example, to explain conditions or medical treatment procedures, doctors use pseudonymization, when communication with their patients. Doctors also use anonymization, when it comes to data as part of statistics or a plan to improve a specific service.

Cybersecurity in the Healthcare sector:

Healthcare organizations should ensure that they have robust security measures in place to limit the risks of email account compromise [3], cyber security threat breaches, and other cyber security threat related incidents. These measures must cover all parameters inherent to people, processes, and technologies:

  • Practices and procedures – Strong authentication methods, secure access to applications, systems, and data; Communication with staff and other key stakeholders’ regular updates, as well as reminders of safety behaviors and mandatory actions during safety failure;
  • Supplier Relationships – Cybercriminals can exploit any weak link in a supply chain to gain access to a target. “The existence of strong links between companies within a healthcare ecosystem can compromise an entire ecosystem.” This is why, our latest Healthcare app project, MeTime, features a ‘close-quarters’ environment where vendors, clients and suppliers can safely exchange data while preserving privacy integrity.
  • Log management – Healthcare facilities often use a set of proprietary applications and systems that must be linked together within an IT security framework. LogPoint’s highly flexible cybersecurity software architecture addresses this problem and has become the standard cybersecurity tool for log management in the healthcare industry [4]. Some of the world’s most advanced hospitals are using our next-generation SIEM solution to protect their patient information.
  • Training – Entry-to-service training, regular reminders, additional training for all staff, and, where appropriate, other stakeholders. Malicious activity isn’t the only activity impacting your organization. Human error - as is the case in any industry - is another risk that deserves attention. Incorrect distribution of information and inappropriate handling of sensitive data puts your organization at high risk for data loss.
  • Ransomware – ransomware is another type of direct cybersecurity threat to the healthcare industry. While this type of attack typically cannot confirm a breach, ransomware has the potential to directly affect the privacy, integrity, and availability of critical systems. It is essential to prepare for the possibility of such an incident and harden your security policies accordingly. The recent spikes in ransomware attacks suggest it is a matter of time when online attackers will cycle toward any possible company. The best move is to expect a blow from that angle and get prepared on that front.

The potential role of AI for health application security

It is no longer a secret: ensuring the security of information systems is one of the significant challenges in companies. The fight against cybercrime has experienced a small revolution in recent years, thanks to the application of artificial intelligence. Through machine learning, we can discover how threats operate and evolve and use that information for a more precise counter-measure.

The number one difficulty in cybersecurity is the realization that criminals are always one step ahead of companies: they look for security holes, that someone working for the company is likely to overlook. Also, there is the exponential and ultra-rapid development of new technologies, particularly cloud and mobile. Hackers are quick to learn how new tech can be used to their advantage, and cybersecurity experts must keep up, keeping up with their, looking to predict, and dismantle their attempts.

Most basic security solutions focus on understanding malware and preventing infiltration. Thus, rather than being in action, they will instead react to present and incoming danger. This passive threat-response strategy requires regular updates, among other things, and their use alone proves to be insufficient. A more sophisticated cyber solution finds an ally in Artificial Intelligence (AI). Machines have the intensity and relentlessness needed when battling cyber threats and are preferred tools of veteran cybersecurity experts.

AI can proactively identify and mitigate a threat even before a patch is developed and released [5]. Its main advantage is its ability to relieve the human factor of tedious and time-consuming tasks, and this with a better reaction capacity in the treatment of alerts that flood computer systems daily.

AI then makes it possible to spot, analyze, and respond to cyber-attacks faster than a human. It provides an instrument which, when applied to cybersecurity, improves the efficiency and strengthens the protection of information technologies, for companies constrained by time and resources, financial or human.

It is on the processing of data between applications that AI can have a considerable impact. Robotics quickly analyzes a large amount of data from which it can spot anomalies or signal potential threats. Machines learn from a growing set of data and, over time, become more and more precise at detecting abnormalities. Today, Machine Learning finally gains the power to support human expertise in decision-making.

The future of cybersecurity is about embracing and innovating to create a partnership between man and machine, to support each other in the fight against hackers. In this way, companies can have a reasonable chance of surviving complex, sophisticated, and multi-vector attacks. Pairing knowledgeable security personnel with adaptive, self-learning technology, such as ITrust’s Reveelium [6], gives a competitive advantage to advocates who have hitherto been absent from most cybersecurity technologies. With its capacity to process large volumes of data, its analytical skills, and its ability to anticipate, AI is entering the field of cybersecurity. Its machine learning algorithms are proving to be beneficial assets in the fight against cybersecurity threat breaches, and we can guarantee that this is the future of cybersecurity!

Conclusion

The mission of the healthcare and pharmaceutical industries is to save lives and keep people healthy. It is noble work. But they also process personal and sensitive information, increasingly digitized. On the one hand, digitalization makes data more reachable, but on the other edge of the blade, this ease of access also attracts wrongdoers. Reaching a middle ground is harder than it looks, having to break a lot of knots while keeping the ship in one piece and afloat.

So, with the increase in cyber threats and data breaches, regulations are evolving and requiring healthcare facilities to address more than just patient illnesses. Also responsible for the security of their data, they make health care information security a priority.

An insufficient security level in the healthcare system makes patients and doctors must worry about info leaks, while trying to address more pressing problems, like treating a patient, for example. Companies from within the Healthcare sector must put in place a management and response strategy regarding access to documents. This operation requires additional time and resources that many health care facilities lack due to budgetary constraints.

References

  1. Lynne Coventry, Dawn Beverley Branley-Bell. 2018. Cybersecurity in healthcare: A narrative review of trends, threats, and ways forward. DOI: 10.1016/j.maturitas.2018.04.008
  2. Liang Hong, Mengqi Luo, Ruixue Wang, Peixin Lu, Wei Lu, Long Lu. 2019. Big Data in Health Care: Applications and Challenges. DOI: 10.2478/dim-2018-0014
  3. Clemens Scott Kruse, Benjamin Frederick, Taylor Jacobson, D. Kyle Monticone. 2016. Cybersecurity in healthcare: A systematic review of modern threats and trends. In technology and health care: official journal of the European Society for Engineering and Medicine 25(1):1-10. DOI: 10.3233/THC-161263
  4. https://www.logpoint.com/fr/solution-et-secteurs-dactivite/secteur-sante/
  5. Samer Ellahham, Nour Ellahham, Mecit Can Emre Simsekler. 2019. Application of Artificial Intelligence in the Health Care Safety Context: Opportunities and Challenges. in the American Journal of Medical Quality. DOI: 10.1177/1062860619878515
  6. https://www.itrust.fr/analyse_comportementale/

Author

Andreas Maier | CEO

Andreas is a result-oriented CEO who brings nearly 30 years of experience gained in the high-tech industry. His experience ranges up to leading positions in Fortune 100 companies such as rentalcars.com (PCLN) or Intrasoft International, a leading EU based R&D software vendor. He holds a Ph.D. in Neural Networks from the University of Cologne, Germany.
In the past Andreas has successfully founded and co-founded several startups among others XXL Cloud Inc., eShopLeasing Ltd, and WDS Consulting SA. His expertise is strongly focused on modern headless Commerce and the optimization of processes in IT ecosystems.