
Artificial Intelligence Is This CISO’s ‘Really Eager Intern’



Editor’s Note: This is part two of a two-part interview on AI and cybersecurity with David Heaney of Mass General Brigham.

In this first-ever in-depth interview, Mass General Brigham’s Chief Information Security Officer David Heaney explains how AI is used defensively and offensively in healthcare. He says understanding the environment, knowing where to deploy controls, and mastering the basics are much more important when AI is involved.

Today, Heaney covers best practices that healthcare CISOs and CIOs can use to secure their use of AI, how his team uses them, how he helps his team get up to speed when it comes to securing with and against AI, the human element of AI and cybersecurity, and the types of AI he uses to defend against cyberattacks.

Q. What are some best practices that healthcare CISOs and CIOs can adopt to secure the use of AI? And how are you and your team using them at Mass General Brigham?

A. It’s important to start with how you ask that question, which is understanding that these AI capabilities will drive incredible changes in how we care for patients and how we discover new approaches and much more in our industry.

The real issue is how we support that and how we help ensure that. As I mentioned in part one, it’s really important to make sure that we’re getting the basics right. So if there’s an AI-driven service that’s using our data or running in our environment, we’re going to have the same requirements for risk assessments, for business associate agreements, for any other legal agreements that we have with non-AI services.

Because at some level we’re talking about another application and it needs to be regulated just like any other application in the environment, including restrictions on the use of unapproved applications. And none of that is to say that there aren’t specific AI considerations that we want to address, and there are a number of considerations that come to mind. In addition to the standard legal agreements that I just mentioned, there are certainly additional considerations around the use of data.

For example, do you want your organization’s data to be used to train downstream vendors’ AI models? The security of the AI model itself is important. Organizations need to consider options around continuous validation of the model to ensure it delivers accurate results in all scenarios, and that can be part of the AI governance I mentioned in part one.

There’s also adversarial testing of models. If we put in bad input, does it change how the output comes out? And then one of the fundamental areas that I actually see changing a little bit in terms of its importance in this environment is around the ease of adoption of a lot of these tools.

An example there: there are note-taking services like Otter AI or Read AI, and there are many more. But these services are encouraged to make adoption simple and easy, and they do a great job of it.

While the concerns around using these services and the data they can access and the like remain the same, the combination of ease of adoption for the end user and, frankly, just the fun factor of this and a number of other apps really makes this an important area to focus on in how you integrate different apps, especially AI-driven ones.

Q. How have you kept your team up to speed when it comes to securing with and against AI? What role does the human element play here?

A. It’s huge. And one of the top values I have for my security team is curiosity. I think it’s the single most important skill behind everything we do in cybersecurity. It’s that thing where you see something that’s a little funny and you say, “I wonder why that happened?” And you start digging.

That’s the beginning of almost every innovation we do in the industry. So to get there, a big part of the answer is having curious team members who are excited about this and want to learn about it themselves. And they just go out and play with some of these tools.

I try to lead by example in this space by sharing how I’ve used various tools to make my job easier. But there’s no substitute for that curiosity. At MGB, in our digital team, we try to dedicate one day a month to learning, and we provide access to a lot of training services that have relevant content in that space. But the real challenge is that technology changes faster than training can keep up.

So there’s really no substitute for just getting outside and playing with technology. But maybe, with a bit of irony, one of the purposes of using generative AI is to learn. And one of the things I do is use a prompt that says something like, “Create a table of contents for a book titled X,” where X is whatever topic I want to learn about. And I usually also state a little bit about the author and the purpose of the book.

That creates a great outline of how to learn about that topic. And then you can ask your AI friend, “Hey, can you expand on chapter one? And what does that mean?” Or maybe go to other sources or other forums to find relevant content there.

Q. What are some of the AIs you use, without revealing any secrets of course, to combat cyber attacks? Maybe you could elaborate on how these AIs work and why you like them?

A. Our overall digital strategy at MGB is really focused on leveraging the platforms of our technology vendors. Taking a bit of the vendor question from part one, our focus is on working with these companies to develop the most valuable capabilities, many of which will be powered by AI.

And just to give a picture of what that looks like, at least in general terms, without giving away the golden goose, so to speak, our endpoint protection tools use a variety of AI algorithms to identify potentially malicious behavior. Then they all send logs from all of these endpoints to a central collection point, where there’s a combination of both rules-based and AI-based analysis to look for broader trends.

So not just across a system, but across the entire environment. Are there any trends that indicate some increased risk? We have Identity Manager, and that’s the tool that we use to provide access, to grant and remove access in the environment. And that tool has a lot of built-in capabilities to identify potential risks and see what combinations of access might have been in place or even see access requests as they come up to prevent us from granting that access in the first place.

It’s a world of built-in platforms and technologies. But beyond that, going back to how we can use generative AI in some of these areas, we use it to accelerate all sorts of tasks that we used to do manually.

The team achieved, I can’t give specific numbers, but I would say a lot of time saved using generative AI to write custom scripts for triage, for forensics, to fix the system. It’s not perfect. AI gets us, I don’t know, 80% of the way there, but our analysts then refine the script and execute it much faster than if they ran it or created it from scratch.

Likewise, we use some of these AI tools to generate queries that feed into our other tools. We help our junior analysts get up to speed quickly by giving them access to these tools to help them make more efficient use of the various technologies we have deployed.

Our senior analysts are just more efficient. They already know how to do a lot of these things, but it’s always better to start at 80% than to start from zero.

In general, I would describe it as my really eager intern. I can ask it to do anything and it will return something that is somewhere between a really good starting point and potentially a great and complete answer. But I certainly wouldn’t use that answer without testing it myself and completing it first.


Editor’s Note: This is the tenth and final article in a series of articles featuring leading voices in health IT discussing the use of artificial intelligence.

Follow Bill’s HIT coverage on LinkedIn: Bill Siwicki
Healthcare IT News is a publication of HIMSS Media.
