AI Reshapes Healthcare Cybersecurity Landscape

Susan Morse of Healthcare Finance writes that artificial intelligence is increasingly central to healthcare cybersecurity, serving as both a tool for defense and a generator of attacks.

Healthcare networks experience an average of two breaches per day, and there is constant tension between rapidly evolving attacks and limited detection capabilities. At a virtual forum, Benoit Desjardins, a former hacker and cybersecurity expert, said that AI radically accelerates the pace of cyber threats, while also offering novel capabilities for protection.

Healthcare cybersecurity has historically relied on signature-based and behavioral-based detection to identify malware, phishing, and other intrusion attempts. Signature-based methods detect known threats by matching data patterns. Behavioral approaches analyze what malware does within a system.

Both methods struggle with the proliferation of threat variants, the rapidity of attacks, and the scale of modern healthcare networks. Desjardins says that while hackers often access sensitive data within hours, organizations take an average of 235 days to detect breaches. Thus, there is a persistent vulnerability in existing defenses.

AI introduces new dynamics into this situation. Attack applications include generative AI models capable of producing deepfake videos, synthetic voices, and convincing social engineering campaigns.

In 2024, AI fooled an Arup Group employee into believing that she was in a video conference call with company executives who asked her to transfer $25 million. She did so and subsequently discovered that she was the only human on the call.

Defensively, AI enables automated vulnerability detection, object recognition, and analysis of digital communications at scale. It uses discriminative models across multiple layers to identify intrusions, malware, and phishing attempts.

Commercial AI tools have demonstrated high accuracy rates in real-world attacks. But challenges that remain. They include large dataset requirements, the burden of supervised learning, and the risk of AI hallucinations.

Lawyers advising healthcare entities should continue to stress the value of compliance programs, incident response planning, and employee training. The continuous interplay between AI-enabled attacks and defenses elevates the critical role of human oversight.