Cybercrime , Endpoint Security , Fraud Management & Cybercrime

Healthcare Summit Focus: AI Threats, Medical Device Security

CISOs and Security Leaders Explore the Latest Trends and Strategies at ISMG Event
Healthcare Summit Focus: AI Threats, Medical Device Security
John Riggi, national adviser for cybersecurity and risk, American Hospital Association

The 10th annual Information Security Media Group Healthcare Cybersecurity Summit in New York explored emerging trends and best practices in healthcare cybersecurity, driving conversations around securing patient data and ensuring seamless healthcare system operations amid escalating cyber incidents and technological dependencies. Attendees included IT security leaders, CISOs, CEOs, compliance and privacy officers, and medical device security specialists from the healthcare industry.

See Also: Enterprise Browser Supporting Healthcare, Cyber Resilience

Speakers and session panelists - including CISOs from top healthcare sector entities, regulatory and government officials, and industry group leaders - addressed a range of issues including the complexities of protecting patient data, the nuances of regulatory compliance, the integration of new technologies and the management of legacy systems. Speakers called for a collaborative approach to cybersecurity, in which knowledge sharing and coordinated efforts are key to enhancing the overall security posture of healthcare organizations.

"Since the inaugural event a decade ago, the healthcare sector has evolved into one of the most highly targeted by cybercriminals. Not only have these attacks compromised the sensitive information of hundreds of millions collectively, they have caused serious disruptions to patient care and safety," said Marianne Kolbasuk McGee, executive editor of HealthcareInfoSecurity. "The event speakers and panelists dissected these trends and provided advice for what the sector can do to be better prepared, to prevent falling victim and most importantly, in responding to these incidents - including what to watch for from a regulatory perspective."

The summit opened with a keynote speech by John Riggi, national adviser for cybersecurity and risk at the American Hospital Association. Riggi focused on critical cyberthreats facing healthcare organizations, including the latest attack tactics used by cyber adversaries. He also examined the evolving regulatory landscape that healthcare entities must navigate and advised organizations to adopt robust third-party and supply chain risk management to safeguard healthcare systems.

AI and Medical Device Cybersecurity

The summit featured transformative sessions on AI-powered threat detection and incident response strategies. Experts explored the dual role of AI in healthcare cybersecurity, acknowledging both its potential benefits and inherent risks. Aftin Ross of the FDA's Center for Devices and Radiological Health and Phil Englert of the Health Information Sharing and Analysis Center led a discussion on managing medical device cybersecurity challenges. They discussed the FDA's authority to ensure new medical devices meet stringent cybersecurity standards and offered guidance on navigating these regulatory requirements. The session also explored the implications of these new regulations for device makers and healthcare entities and the need for strong cybersecurity measures throughout the device life cycle.

CISA's Role and the VA's Cybersecurity Strategies

Another major topic was CISA's critical role in protecting healthcare infrastructure and its collaborative efforts with healthcare organizations. Lynette Sherrill, deputy assistant secretary of information security and CISO at the U.S. Department of Veterans Affairs, shared strategies for addressing top cyberthreats facing the VA. The VA is adopting proactive security measures, including agile methodologies, and is implementing a zero trust approach. Sherrill also discussed the security risks presented by the proliferation of advanced medical devices and implementation examples of security controls for special-purpose systems at the VA.

Ethical and Legal Considerations for AI in Healthcare

The ethical and legal complexities of AI in healthcare were addressed in a session led by attorneys Cory Brennan and David Hoffman. They discussed strategies to mitigate risks associated with AI deployments in patient care and cybersecurity and offered a balanced view of AI's potential and its challenges. The session provided practical strategies for navigating these dilemmas and highlighted the importance of addressing security, privacy and ethical concerns in the deployment of AI technologies. Participants examined how biases in AI datasets can lead to unequal healthcare outcomes and explored effective strategies to ensure fair and equitable AI applications.

Melanie Fontes Rainer and Linda Colón from the U.S. Department of Health and Human Services' Office for Civil Rights provided updates on HIPAA compliance and data protection and stressed the agency's focus on enforcement and breach investigations.

Deepfake Tabletop Exercise: Unmasking Cyber Deception

A highlight of the summit was the interactive tabletop exercise on deepfakes, hosted by the U.S. Secret Service and CyberEdBoard. This simulation involved a sophisticated cyberattack scenario that targeted a corporate executive, incorporating elements of social engineering and financial fraud. Participants gained practical experience in identifying and responding to deepfake threats and preparing for such incidents. The exercise aimed to bolster strategic response capabilities and improve organizational readiness against advanced cyberthreats. It emphasized the importance of interagency collaboration and knowledge exchange to create comprehensive incident response strategies that cover legal, technical and communicational facets.

The Healthcare Cybersecurity Summit provided healthcare CISOs and cybersecurity leaders with the knowledge and tools to enhance organizational resilience and stay ahead of evolving threats. ISMG editors conducted interviews with speakers, capturing their perspectives on current cyber challenges and effective management strategies. The discussions, collaboration and practical exercises underscored the importance of proactive measures and strategic planning in securing healthcare's digital landscape.

Join ISMG at the virtual AI's Double-Edged Sword: Navigating Risks While Unlocking Opportunities summit on Aug.15, 2024. Discover cutting-edge strategies and insights from industry experts on leveraging artificial technology to safeguard your organization against evolving cyberthreats.


About the Author

Yamini Kalra

Yamini Kalra

Project Manager - Global Copy Desk, ISMG

Kalra has more than eight years of experience in content production across journalism, research and media. Prior to ISMG, she worked at Gartner, The Indian Express and Outlook India.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.eu, you agree to our use of cookies.