Could Artificial Intelligence transform health care cyber security?

Next story
Olivia Storey/James Pavett

The Institute for Critical Infrastructure Technology issued a report called How to Crush the Health Sector’s Ransomware Pandemic, which suggests that signature based malware is ‘dead’.

The ICIT, which is a cybersecurity ‘think tank’, say that dynamic malware operations are too numerous and adaptive for security professionals to predict. An example of this is that a single phishing email can bypass a multi-million pound enterprise security solution if a single employee is deceived into opening the attachment or clicking the malicious link. This would then mean the whole system is compromised, and every private data entry is at risk.

The ICIT believe that machine learning based Artificial Intelligence within the health care’s layered system of Internet of Things, which could detect and respond to threats, but also predict future defences via algorithms, is the future of cybersecurity.

Sadly, the health sector was faced with multiple ransomware attacks, insider threats and other cyber-attacks throughout 2016, designed to distract, consume resources, profit or steal data. They are targeted because health care centres and hospitals collect and store a high amount of data.

The healthcare sector is already utilizing cognitive and Artificial Intelligence solutions for big data analytics, and for clinical applications.

Mark James, ESET IT Security Specialist, discusses how the ICIT’s plans for machine-based learning is feasible in the healthcare industry.

“Combating or limiting ransomware in any way shape or form gets the thumbs up from me, any way it is delivered, either through traditional methods or emerging techniques.

“When it comes to stopping one of our most damaging and brutal forms of malware we see today we have to do all we can.

“When the two choices are either to purchase a replacement machine to save people’s lives, or invest the same money into a technology that may work in protecting you against an attack that might or might not come, it’s hard to justify the latter!

“It’s usually down to knowledge and understanding, if you are charged to protect your company, and usually your users, data then you can only take into account the technologies you have knowledge of.

“Tag that with an understanding of how it will work and if it is right for you.

“You will use that to give you the start of a recipe that will build or compliment your defences.

“There’s one thing for sure, you cannot stand still, you have to adapt and move with the ever changing landscape of cyber criminals.”


How responsible do you think the NHS is for your data? Let us know on Twitter @ESETUK.


Join the ESET UK LinkedIn Group and stay up to date with the blog. If you are interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.