Photo: boonchai wedmakawand/Getty Images
UPDATED - The HIMSS AI and Cybersecurity Virtual Forum held on Tuesday, Nov. 18, remains available to view online. All sessions are free.
The forum represents the next step in AI progression, from excitement after the launch of ChatGPT, to implementation within healthcare organizations, to current heightened concerns over regulating the technology.
Dr. Benoit Desjardins, a former hacker, kicked off the conference, addressing how AI can be used to attack organizations in “AI v. AI – Defending Against AI-Powered Cyber Threats in Healthcare.”
Desjardins is a professor of radiology at the University of Montreal, the CMIO at the Centre Hospitalier de l'Université de Montréal (CHUM) and a consultant in IT for the Quebec government.
His 45-minute session looked at how artificial intelligence is reshaping the threat landscape and the tools needed to counteract it.
Organizations using AI are exposed to risk and may not understand what data and infrastructure are being tapped into to make AI run, according to Kyle Murphy, HIMSS' senior content and programming lead, who spoke with Desjardins.
“AI can superchange malware and take other forms to create new variants,” Murphy said.
Benoit told him, he said, “‘If you’re not poking around a little bit, you’re doing yourself a disservice.’”
Constant diligence is needed.
“The idea is, threats are going to evolve over time; you need to prepare yourself at any given time. Don’t think you’ve got your i’s dotted and t’s crossed,” Murphy said. “It can also be simple and comes down to people. Look at the thieves who were able to break into the Louvre Museum. The alarm password was ‘Louvre.’”
In talking about the major cyberattacks, Change Healthcare’s breach in February 2024 is still considered the big one. What was surprising about the ransomware attack that took down claim systems nationwide and caused powerhouse UnitedHealth Group to pay $22 million in bitcoin was how easy it was for Black Basta to access the system.
UnitedHealth Group had bought Change Healthcare two years prior to the attack and had yet to update the oldest systems, then CEO Andrew Witty told lawmakers in Senate and House hearings. Because of this, Change had no multi-factor authentication on a remote access system. Hackers exploited this critical security lapse to gain initial access to the company's network.
AI has both upped the sophistication of cyberattacks and increased the ability to ease administrative burdens, aid research and advance clinical goals. The seven sessions offered on Tuesday tackle the challenges.
“We’re trying to identify the touch points, the pain points, to think about people, process and technology,” Murphy said.
The forum is sensitive to organizations of different sizes and budgets, he said.
Tuesday’s sessions include addressing the culture of cyber resilience, the current state of CISOs and cybersecurity in healthcare, and AI as a catalyst in the workforce.
Dr. Xiaoqian Jiang, associate VP for Medical AI, The University of Texas Health Science Center at Houston, will talk about the dependence on large data sets in “Advancing Secure AI In Healthcare for Innovation and Research.”
There is also on demand content on “Cybersecurity Case Study: A Tale of Two Hospitals.”
The conference offers continuing education certifications. There is no cost to register or attend.
The HIMSS AI & Cybersecurity Virtual Forum is free to attend on Nov. 18. Learn more and register.