Fighting AI-Fueled Attacks With AI-Based Cyber ToolsTroy Hawes of Moss Adams on How Healthcare Entities Can Bolster Their Defenses
Healthcare CISOs must recognize the real and imminent threat of AI-fueled cyberattacks and take proactive steps, including the deployment of artificial intelligence-based security tools, to protect patient data and critical healthcare services, said Troy Hawes, managing director at consulting firm Moss Adams.
Cybercriminals are using AI to their advantage in healthcare to exploit vulnerabilities in medical devices, compromise electronic health records, and disrupt critical healthcare services, he said in an interview with Information Security Media Group.
"They're able to automate and scale their attacks and really become more efficient and sophisticated, which is scary," he said.
But healthcare entities can bolster their defenses against these growing threats by implementing AI-based security tools, including those that monitor and detect anomalies and alert security teams for immediate action, according to Hawes.
AI countermeasures, such as endpoint detection and response or managed detection and response tools, are essential for proactive threat detection and response in healthcare, he said. "They allow an organization to be more proactive in their approach, so you're not reactive anymore."
In the interview (see audio link below photo), Hawes also discusses:
- The most concerning AI-fueled attack threats facing healthcare sector entities;
- The types of healthcare sector entities most vulnerable to AI-fueled cyberattacks;
- Other steps healthcare sector entities can take to bolster their security defenses against ransomware and other cyberattacks.
Hawes has been providing IT consulting services since 2001. He serves clients in a variety of industries including healthcare, communications and media, utilities and critical infrastructure, and higher education. Hawes has extensive experience managing and leading technology security and compliance assessments using a number of different security frameworks.