While there’s plenty of evidence pointing to rapidly rising investments in AI across the healthcare sector, the future of AI in healthcare hinges upon one thing right: securing AI-powered medical devices against cybersecurity risks.
So says Steeve Huin, Chief Marketing Officer, and Head of Business Development and Strategic Partnerships at Irdeto, a digital platform security firm.
In a recent commentary, Huin points to the array of new AI-driven patient apps and connected medical devices being launched regularly across the healthcare sector, but he also notes that while AI can and often has been used for good, it can also be used to discover and exploit vulnerabilities.
“For example,” he says, “the same type of algorithm being implemented in a medical device to more accurately and quickly diagnose cancer may also be used by a bad actor to attack that device.”
As an example, he describes a 2019 study from Ben-Gurion University which “demonstrated how AI-savvy hackers could manipulate CT and MRI results of lung cancer patients – gaining complete control over the number, size and location of tumors. Both radiologists and AI algorithms were unable to differentiate between the altered and correct scans. This kind of tampering has the potential to impact patient lives, and can also result in insurance fraud, ransomware attacks and other issues for both patients and providers.”
For Huin, the two critical steps AI developers must take in designing new devices involve building “access control layers, such as logins and passwords, to ensure that only those who are authorized to have access are able to see the information, (and) add anomaly detection to detect unusual usage patterns within what is considered the normal communication pattern.”
Beyond those two steps, he says it’s also important “to harden connected devices against reverse engineering. Manufacturers can use many different tactics and solutions to make the code in their devices difficult to reverse engineer and thereby help keep them secure.”
Finally, he says, device developers and manufacturers must “ensure the regulatory readiness of their medical devices, particularly as the regulatory landscape continues to evolve. While 80% of medtech executives believe that regulatory compliance is the biggest business benefit of implementing a strong cybersecurity strategy, only four in 10 respondents rated themselves very aware or knowledgeable about forthcoming EU and U.S. cybersecurity regulations.”
In short, Huin notes, few doubt the potential for AI to make major contributions across the healthcare sector, but those contributions will remain at risk of ever being realized until developers and manufacturers incorporate the advanced security necessary to protect AI against the ever-growing risk of cyberhacks.
Photo by scyther5/Getty Images