Prevent, detect and respond are best practices in cybersecurity: Aimee Cardwell, SVP and Chief Information Security Officer, UnitedHealth Group.
In an exclusive interaction with Express Computer, Aimee Cardwell, SVP and Director of Information Security, UnitedHealth Group shares some use cases on how to prevent cyberattacks in the healthcare industry.
Some edited snippets:
How is cybersecurity an important aspect of healthcare?
As a matter of reliability, every healthcare technology company has an obligation to protect the privacy of their patient data and health information. Looking at patient data through a cybernetic lens, they are perceived as many targets spread across the site, and the interesting fact is that UnitedHealth Group you want to scan these records because you want your doctor to see all the other things they’ve done to you; this would help provide solid and rich healthcare. This shows that electronic health records are necessary for health care, but they have also become a goal. So if everything is on paper and pen, it’s a little harder for a cybersecurity person or a bad actor to take advantage of it. In our opinion, the best experience of the patient is to want electronic health records, which entails his obligation and honor to keep these records as well as private records and not allow access to them externally.
- Please share some used cases of cyber attacks in the healthcare space and how can we prevent them?
In general, there are three main vectors for cybersecurity attacks. The first is through attachments or email links, is when people click on either and the computer is compromised. In general, the computer is connected to a network, then the network is compromised and the criminal enters the system. The second is software vulnerabilities. As you know, many programs are not updated regularly, so when a bad actor finds a vulnerability, it enters the system. The third way is through open source software or third party software like Kaseya.
Our engineers create code, and then the code is deployed and the vulnerabilities are made public. After that, they detect the vulnerabilities and tell the engineer to fix it. However, what they are trying to do is not publish the vulnerability in the first place and do secure coding practices so that we do not have such a big attack.
- What are some of the emerging technologies such as AI / ML, RPA, and Automation that help combat cyber threats?
A compelling method of looking at patterns in networks is through AI and ML and RPA. When patterns change, these tools observe such abnormal behavior. Like most companies, there are always people trying to scam us. We analyzed all the information shared with us by the ML model I had generated by analyzing all the fraudulent activities over the years. Therefore, it helps us to identify any anomalies that we can detect by AI and ML by observing patterns identified by the analysis of information by ML. That’s why we continue to train the AI and ML model to detect fraud, and now we can see it before a fraudulent transaction occurs. Even if it’s a scam, we don’t lose money because we can prevent it.
- How do you ensure that customer data is protected? What is the cybersecurity approach you are taking to protect your data?
The more electronic data, the better the health service and the larger the risk area. The only suggestion I would give our customers to protect their data would be to use multifactor authentication. If I can guess your password and a good ML password detection system can guess your password, then your data is open. While this is true, cyber experts will say that you can avoid multifactor authentication; you can use the SIM card. However, it makes it much harder. So this is the number one way for customers to keep their data more secure.
- Is there a growing demand for cybersecurity professionals? If so, how can we meet this growing demand?
Today there are at least three and a half million vacancies in cybersecurity. He is one of the most desired talents in all engineering in all technology. More than half of people in cybersecurity do not have real formal training in cybersecurity, this can lead people to believe that it is difficult because there are people without training. The diversity of thoughts makes us much stronger and richer as a cybersecurity team. We get in touch with everyone, from our computer support service to people in the banking profession, we are looking for doctors interested in cybersecurity because they give an insight into the doctor’s experience and how it could be hacked.
We have cyber professionals all over the world and we continue to focus on India and our other locations because talent is very hard to find. It’s also because we’re a global company and because our response to security incidents is 24 hours a day, 7 days a week, we want to make sure we have great talent around the world that they’re always overseeing, building new software, building new monitors, making it better. inform, help your engineers be safer, find out how to make our employees’ experience safer, and protect our patients, providers, and employees. Therefore, we continue to increase our presence in India, just as we continue our presence in the rest of the world.
- What good practices can the healthcare industry take to prevent data breaches and ensure cybersecurity?
Preventing, detecting and responding are the best preventative measures. We also do prevention in the cyber world, and we’ve talked about some of these things; filtering email to keep bad or less bad stuff out. We train all our employees. On every computer and every server, we have endpoint detection.
We have a red team trying to spot vulnerabilities and then fix it. We do external audits, we do cybersecurity teams and we ask them to look at our practices and tell us what we may be missing.
Our team has all kinds of detection capabilities. We have a 24 hour security incident response team that is always called.