Advanced Data Analytics and Machine Learning in Healthcare Cybersecurity

Cybersecurity has become a major issue in the past couple of years, with the frequency and severity of attacks on organizations around the world steadily rising. The healthcare industry made headlines and became acknowledged as a public target in early 2016 when a Hollywood hospital decided to pay $17,000 in bitcoin after hackers hit them with ransomware.

Since then, it’s only gotten worse. The WannaCry virus, which hit the scene Spring of 2017 apparently infected over 220,000 computers around the world, and DDoS attacks have shut down sites and whole parts of in the internet for extended amounts of time.

Shockingly, Rejiv Leventhal writing for healthcare-informatics.com reports that 9 in 10 C-suite executives still haven’t made cybersecurity a talking point with their boards.

“For the survey, Black Book researchers polled more than 300 strategic decision makers in U.S. healthcare organizations, including both providers and payers,” writes Leventhal. “When it comes to payers, 31 percent said they have an established manager for cybersecurity programs currently, with 44 percent planning to recruit a candidate in 2018… The survey revealed that the healthcare industry continues to underestimate security threats as attackers continue to seek data and monetary gain…”

Not only do healthcare administrators need to begin taking cybersecurity more seriously, they need to make sure to focus on measures that actually work. Big data and advanced analytics have proven effective technologies in healthcare already, and may just be the answer for administrator’s IT cybersecurity needs.

Cybercrime is Bad, and It Will Only Get Worse

According to Steve Morgan, writing for CSO Online, cybercrime damages are predicted to exceed $6 trillion annually by 2021, while cybersecurity spending is set to exceed $1 trillion from 2017 to 2021. What’s more, he predicts that the human attack surface will reach 6 billion people by 2022.

“As the world goes digital, humans have moved ahead of machines as the top target for cyber criminals,” he writes. “There are 3.8 billion internet users in 2017 (51 percent of the world’s population of 7 billion), up from 2 billion in 2015. Cybersecurity Ventures predicts there will be 6 billion internet users by 2022 (75 percent of the projected world population of 8 billion) — and more than 7.5 billion internet users by 2030 (90 percent of the projected world population of 8.5 million, 6 years of age and older). The hackers smell blood now, not silicon.”

This situation is exacerbated by the fact that not everybody is going to be just an “internet user,” but that they will likely be the owners of personal and medical information on the cloud. Indeed, some sources have determined that some 97 percent of patients would like healthcare organizations to have access to all of their patient records.

When you combine that reality with the fact that malware is now proliferating at a rate that most are unequipped to handle, it’s easy to see why this is becoming such a problem. Ralf Benzmüller, writing for G Data, mentions that “in 2016 every 4.6 seconds a new malware specimen emerged — in the first quarter of 2017 this only takes 4.2 seconds.”

On top of this extreme malware proliferation, it’s become apparent, based on “2017 State of Cybercrime Report” by SecureWorks, that malware is now cheaper to obtain and easier to use than ever. Malware/Hacking as a Service (MaaS/HaaS) is popular on the dark web, and the report even found that it costs as little as $10 to obtain personal records and credit card information. Lastly, the report found that, as expected, ransomware is among the worst of threats that business will have to deal with — but that social engineering and human error are major causes of breaches as well.

All of this is why the experts at Marylhurst University suggest maintaining frequent backups and performing regular internal security audits, in conjunction some of these other risk management measures:

• Establish a core cybersecurity team who are responsible for identifying risks and establishing procedures to ensure that if an attack were to occur, it does as little damage as possible.
• Keeping in mind the Cybersecurity Framework being drafted by the National Institute of Standards and Technology, develop a plan for responding efficiently to cybersecurity attacks and investigating them to determine the source and cause of the attack.
• Ensure that all equipment currently being used adheres to the standards set in June of 2013 by the FDA, which establishing guidelines that help keep equipment clear of malware, including deployment of intrusion detection and prevention software.
• Network with other security officials and hospitals, constantly updating hospital policies and response procedures to keep up with the ever changing cyber security world.
• Ensure hospital insurance coverage is updated to cover loss and potential liabilities involved with cyber security.

Unfortunately, the propensity for human error and the simple fact that a new strain of malware is born every 4.2 seconds means that even these measures simply aren’t enough. Fortunately, advanced data analytics and machine learning may provide desperately needed solutions in the face of an increasingly complex situation.

Machine Learning and Analytics Solutions

These complications mean that a new approach toward cybersecurity is needed. Experts utilizing machine learning and advanced analytics are now able to “gather, store and analyze data on the functioning of the organization’s systems,” according to Villanova University.

“This allows them to see indications of illicit activities like brute-force attacks, Distributed Denial of Service attacks or phishing,” they write. “Over time, they can become aware of the most vital warning signs and vulnerabilities for the company’s particular set of risks. For instance, monitoring user behavior may reveal anomalies in how certain individuals are working within the system.”

Essentially, new approaches to cybersecurity mean that AI systems will use analytics to establish an infrastructure baseline, and will notify administrators and professionals if ever there is a deviation from that norm. This is important, because the way normal anti-virus programs work is that they check systems against a database of established threats — but with hundreds of viruses created daily, that’s hardly effective anymore.

The future of healthcare security depends on machine learning and data analytics. Administrators and other healthcare professionals need to understand this, and that current standards won’t last for long. Patient data and safety depends on it.