Skip to main content
Article thumbnail
Location of Repository

A Cybersecurity Risk Assessment Framework that Integrates Value-Sensitive Design

By Aida Alvarenga and George Tanev

Abstract

Medical devices today are more effective and connected than ever before, saving more patient lives and making healthcare practitioner’s jobs more efficient. But with this interconnectedness comes inherent concerns over increased cybersecurity vulnerabilities. Medical device cybersecurity has become an increasing concern for all relevant stakeholders including: patients, regulators, manufacturers, and healthcare practitioners. Although cybersecurity in medical devices has been covered in the literature, there is a gap in how to address cybersecurity concerns and assess risks in a way that brings value to all relevant stakeholders. In order to maximize the value created from cybersecurity risk mitigations, we review literature on the state of cybersecurity in the medical device industry, on cybersecurity risk management frameworks in the context of medical devices, and on how cybersecurity can be used as a value proposition. We then synthesize the key contributions of the literature into a framework that integrates cybersecurity value considerations for all relevant stakeholders into the risk mitigation process. This framework is subsequently applied to the hypothetical case of an insulin pump. Using this example case, we illustrate how medical device manufacturers can use the framework as a standardized method that can be applicable to medical devices at large. Our ultimate goal is to make cybersecurity risk mitigation an exploitable asset for manufacturers rather than a regulatory obligation

Topics: cybersecurity, framework, medical devices, risk assessment, value propositions, value-sensitive design, Technology (General), T1-995, Management. Industrial management, HD28-70
Publisher: Carleton University
Year: 2017
OAI identifier: oai:doaj.org/article:d748e1cebcbb46c3a88eb16a201beac4
Journal:
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • https://doaj.org/toc/1927-0321 (external link)
  • http://timreview.ca/ (external link)
  • https://doaj.org/article/d748e... (external link)
  • Suggested articles


    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.