Healthcare cybersecurity – the impact of AI, IoT-related threats and recommended approaches

An interview with Richard Staynings, Chief Security Strategist, Cylera. Currently leading healthcare security strategy at Cylera, a biomedical HIoT security startup, Richard Staynings has more than two decades of experience in both cybersecurity leadership and client consulting in healthcare. Last year, he served on the Committee of Inquiry into the SingHealth breach in Singapore as an Expert Witness. He recently spoke to Healthcare IT News on some of the current developments in healthcare cybersecurity.

Q. Artificial Intelligence (AI) applications in healthcare are all the rage now, and so are cybersecurity threats, given the frequency and intensity of healthcare-related incidents. In particular, some of the cyberattacks have become more sophisticated through the use of AI to get past cyber defenses. On the medical devices front, AI is also being used to constantly manage and secure the rising number of healthcare IoT devices as they connect and disconnect from hospital networks. How do you think the application of AI in healthcare cybersecurity will be like in the next few years?

A. Healthcare is widely considered to be an easy and soft target because “who in their right mind would attack the weak and defenseless?” …. or so the thought goes! The fact is that healthcare presents a rich target for cyber criminals because of the value of the data hosted and processed. When you couple that with a chronic historical underinvestment in the development of capable cybersecurity teams and tools across healthcare, you can see why perpetrators are so keen to break walk in. But it’s no longer the theft of medical records, or PII that concerns me, it’s the wholesale theft of intellectual property from research universities and pharmaceuticals by rogue nation states, (one in particular) and the potential to hold both hospitals and their patients to ransom by just about anyone. That’s what really worries me most.

I believe we are on the cusp of an AI arms race. Attackers are busy designing new attack vectors and methods to get by cyber defences that heavily leverage AI and Machine Learning (ML). Advanced persistent threats (APTs) that hide unnoticed on the network for years sometimes, while gathering vital information and gradually expanding their footprint till they own the entire network, just as the attack on SingHealth in 2018 demonstrated. AI that perfectly emulates the normal acceptable behavior of users and systems on the network and as such goes undetected by even the best cyber defences.