As Adoption of Edge Computing in Healthcare Grows, So Do Security Needs

January 25, 2022 - Edge computing adoption in healthcare is growing at fast rates as 5G takes hold, AT&T’s latest Cybersecurity Insights Report found. Nearly three-quarters of healthcare industry respondents said they were planning to or have already implemented an edge use case.

“That number was a pleasant surprise,” Theresa Lanowitz, head of cybersecurity evangelism at AT&T Business, said in an interview with HealthITSecurity.

To understand the growing adoption, it is crucial to understand what edge is and all its implications. AT&T’s report aimed to provide clarification and “highlight the need for security in a new compute paradigm underpinned by 5G and edge.”

Notably, Lanowitz said that there is no one definition of edge that all respondents adhere to.

“Edge means different things to different people, and vendors are defining edge according to their technology stacks,” the report noted. “The ambiguity complicates security decisions.”

Rather than trying to pinpoint the definition of an edge network, Lanowitz suggested defining the three essential characteristics of one.

Those characteristics include a distributed model of management, intelligence, and networks, Lanowitz said. The second characteristic requires applications, hosting, and workloads to be closer to the users and assets generating data. Finally, edge networks are software-defined.

Alternatively, the Cybersecurity and Infrastructure Security Agency (CISA) states that “edge computing transforms the way data is processed and stored by moving some core network functions to be more proximate to the end user at the network edge rather than relying on a central location that may be hundreds of miles away.”

“Moving the data processing and storage closer to the point at which it is created minimizes the amount of long-distance communication required between a client and a server.”

Essentially, edge computing supports 5G technologies and will require changes in an organization’s security strategies. Those changes will likely require major investments, AT&T’s report predicted.

“A proactive stance on security best serves enterprises that are innovating at the edge,” the report stated.

“The stakes are too high for reactionary security decisions or security controls prescribed based primarily on past experiences or practices. Sensors and data are everywhere, and networks are always available.”

The rapid adoption in healthcare is likely driven by the increase in virtual and at-home care that resulted from the pandemic. The most popular edge use case among healthcare respondents involved consumer virtual care, or “care anywhere.”

“Healthcare organizations had to do a lot to make sure that those visits are meeting with compliance standards set by the healthcare industry,” Lanowitz explained.

“So, they started to accelerate their security quickly and early in the pandemic to be able to achieve better outcomes for the patient as well as the provider.”

Healthcare edge use cases specifically emphasize the need for adequate security controls alongside digital transformation. Lanowitz noted that 65 percent of respondents who were implementing edge use cases reported working with a third-party trusted advisor to enable the implementation.

“The pandemic accelerated so many things especially in healthcare, and we have seen that over the past two years,” Lanowitz continued.

“And what we really realized here at AT&T Cybersecurity very quickly in 2020, at the onset of the pandemic, was that cybersecurity was really moving from this idea of being a technical problem to being a business enabler.”

The increase in cyberattacks and shift to 5G spurred transformations in cybersecurity across all sectors. Rather than being an afterthought, cybersecurity is now a top priority. Edge computing, like any other innovation, should be carefully considered in terms of risks and benefits.

The report recommended that organizations emphasize the importance of security in all edge network discussions. Organizations should leverage legacy security controls, but also enable next-generation controls such as Zero Trust and SASE.

“Edge may mean different things to different people, but this doesn’t alter the fact that organizations are adopting edge computing and implementing edge use cases,” the report suggested.

“The ongoing transition from a centralized to a decentralized computing model is a sea change that calls for next-generation thinking about security.”