Topics:
Cybersecurity in healthcare is under constant attack, with breach costs averaging nearly $10 million per incident. As cybercriminals weaponize artificial intelligence, Providence is taking a proactive stance: empowering cybersecurity caregivers with artificial intelligence (AI) skills to strengthen defenses and protect patient trust and safety.
AI is transforming both sides of the cybersecurity battlefield. Attackers use AI to automate phishing, exploit vulnerabilities, and evade detection. To counter this, Providence launched its Cybersecurity AI Upskilling Program, ensuring caregivers can harness AI for faster threat detection, smarter automation, resilient security operations, improved cybersecurity awareness, and increased productivity.
Program Goals
Expand AI literacy across Providence Cybersecurity teams.
Elevate technical expertise for managing AI-driven security architectures.
Integrate AI into workflows to drive efficiencies and increase productivity.
Foster a culture of innovation and collaboration within Cybersecurity operations.
The program offered a structured learning pathway to bring everyone on the Cybersecurity team up to a level where they all understand and can use AI effectively in their daily work. We set a goal of 10 weeks to go through the training.
"I was skeptical at first, but now I understand how AI can help—not replace—our expertise."
—Providence Cybersecurity Caregiver
The training program’s core curriculum covered AI fundamentals for cybersecurity, including key concepts such as AI agents, language models, and prompt engineering. Also covered were important topics like ethical AI use, bias mitigation, and regulatory compliance tailored for healthcare.
Team members then split into two tracks depending on if their role was technical or not. Non-technical employees gained greater AI literacy around topics like knowledge graphs, various language models, and Retrieval Augmented Generation (RAG). Technical roles expanded on those topics in more detail and training in how to build AI tools using them.
"The hands-on labs made AI concepts click for me. I can see how anomaly detection will change our game."
—Providence Cybersecurity Caregiver
While the training was conducted online and was self-paced, we also wanted to make sure everyone had opportunities to discuss what they were learning and provide opportunities to put those learnings into action. This was done through weekly open discussion sessions where anyone could come and ask questions or talk about what they were learning. We also offered a hands-on lab experience with practical exercises and tools like Databricks for model training and anomaly detection, as well as small language model development for tasks such as log parsing and automated alerts.
With almost 100% participation by the Cybersecurity team within the initial 10 weeks, we have managed to create a foundation for understanding AI and have begun widespread adoption throughout the department for various use cases. Some of our early wins include:
Operational Efficiency: AI-assisted triage is reducing alert fatigue in security operations centers. We are also seeing improvements by leveraging Microsoft Copilot for more effectiveness in our day-to-day work like meeting recaps, developing training and awareness content for all employees, and speeding up data analytics.
Cross-Functional Collaboration: Cybersecurity and data engineering teams co-developed AI guardrails for safe deployment.
Additionally, the program fostered a culture of continuous learning by encouraging team members to share insights and best practices through internal forums and knowledge-sharing sessions. Leadership supported ongoing education by providing access to advanced AI resources and incentivizing innovative applications of AI in cybersecurity workflows.
In the coming months, we plan to further integrate AI-driven solutions into our core security processes, focusing on proactive threat hunting and automation of repetitive tasks. By continuously evaluating new AI advancements and refining our models, we aim to stay ahead of emerging cyber threats and ensure robust protection for our organization. Our commitment to ongoing skill development and collaboration will be key as we explore additional opportunities for AI innovation in cybersecurity.
Mike Ratliff is the Chief Information Security Officer at Providence, one of the country's largest not-for-profit healthcare delivery organizations.
