Cyber risk in health facilities: A systematic literature review

The current world challenges include issues such as infectious disease pandemics, environmental health risks, food safety, and crime prevention. Through this article, a special emphasis is given to one of the main challenges in the healthcare sector during the COVID-19 pandemic, the cyber risk. Since the beginning of the Covid-19 pandemic, the World Health Organization has detected a dramatic increase in the number of cyber-attacks. For instance, in Italy the COVID-19 emergency has heavily affected cybersecurity; from January to April 2020, the total of attacks, accidents, and violations of privacy to the detriment of companies and individuals has doubled. Using a systematic and rigorous approach, this paper aims to analyze the literature on the cyber risk in the healthcare sector to understand the real knowledge on this topic. The findings highlight the poor attention of the scientific community on this topic, except in the United States. The literature lacks research contributions to support cyber risk management in subject areas such as Business, Management and Accounting; Social Science; and Mathematics. This research outlines the need to empirically investigate the cyber risk, giving a practical solution to health facilities. Keywords: cyber risk; cyber-attack; cybersecurity; computer security; COVID-19; coronavirus;information technology risk; risk management; risk assessment; health facilities; healthcare sector;systematic literature review; insuranc

Security of Big Data in Healthcare Systems

As cyber-attacks have become more common and sophisticated, the need for a stable security framework has become essential. Information security requirements must be met by digital technologies utilized in the health care sector. Modern hospitals are becoming increasingly digital, and information and communication technology is becoming an increasingly significant element of the core business. This lays the groundwork for improved patient care quality. At the same time, the health sector's vulnerability to digital attacks and data breaches is growing, and so are the potential negative effects of security breaches. The Norwegian healthcare system is divided into different regions, each with its own set of processes and procedures. Because of the fragmentation, there are substantial communication issues between the many health regions and their systems, making transmitted data vulnerable to threat actors. A reorganization is required to effectively handle this issue and improve the security of healthcare systems. The research was conducted using a qualitative method with a problem-oriented phenomenon-driven research approach on Norwegian Healthcare Sector. In addition, interviews with different security employees from the different health regions in Norway, as well as a document analysis of published papers was done to gather empirical material for the master thesis

Security of Big Data in Healthcare Systems

As cyber-attacks have become more common and sophisticated, the need for a stable security framework has become essential. Information security requirements must be met by digital technologies utilized in the health care sector. Modern hospitals are becoming increasingly digital, and information and communication technology is becoming an increasingly significant element of the core business. This lays the groundwork for improved patient care quality. At the same time, the health sector's vulnerability to digital attacks and data breaches is growing, and so are the potential negative effects of security breaches. The Norwegian healthcare system is divided into different regions, each with its own set of processes and procedures. Because of the fragmentation, there are substantial communication issues between the many health regions and their systems, making transmitted data vulnerable to threat actors. A reorganization is required to effectively handle this issue and improve the security of healthcare systems. The research was conducted using a qualitative method with a problem-oriented phenomenon-driven research approach on Norwegian Healthcare Sector. In addition, interviews with different security employees from the different health regions in Norway, as well as a document analysis of published papers was done to gather empirical material for the master thesis

Medical Cyber-Physical Systems Development: A Forensics-Driven Approach

The synthesis of technology and the medical industry has partly contributed to the increasing interest in Medical Cyber-Physical Systems (MCPS). While these systems provide benefits to patients and professionals, they also introduce new attack vectors for malicious actors (e.g. financially-and/or criminally-motivated actors). A successful breach involving a MCPS can impact patient data and system availability. The complexity and operating requirements of a MCPS complicates digital investigations. Coupling this information with the potentially vast amounts of information that a MCPS produces and/or has access to is generating discussions on, not only, how to compromise these systems but, more importantly, how to investigate these systems. The paper proposes the integration of forensics principles and concepts into the design and development of a MCPS to strengthen an organization's investigative posture. The framework sets the foundation for future research in the refinement of specific solutions for MCPS investigations.Comment: This is the pre-print version of a paper presented at the 2nd International Workshop on Security, Privacy, and Trustworthiness in Medical Cyber-Physical Systems (MedSPT 2017

Cyber security investigation for Raspberry Pi devices

Big Data on Cloud application is growing rapidly. When the cloud is attacked, the investigation relies on digital forensics evidence. This paper proposed the data collection via Raspberry Pi devices, in a healthcare situation. The significance of this work is that could be expanded into a digital device array that takes big data security issues into account. There are many potential impacts in health area. The field of Digital Forensics Science has been tagged as a reactive science by some who believe research and study in the field often arise as a result of the need to respond to event which brought about the needs for investigation; this work was carried as a proactive research that will add knowledge to the field of Digital Forensic Science. The Raspberry Pi is a cost-effective, pocket sized computer that has gained global recognition since its development in 2008; with the wide spread usage of the device for different computing purposes. Raspberry Pi can potentially be a cyber security device, which can relate with forensics investigation in the near future. This work has used a systematic approach to study the structure and operation of the device and has established security issues that the widespread usage of the device can pose, such as health or smart city. Furthermore, its evidential information applied in security will be useful in the event that the device becomes a subject of digital forensic investigation in the foreseeable future. In healthcare system, PII (personal identifiable information) is a very important issue. When Raspberry Pi plays a processor role, its security is vital; consequently, digital forensics investigation on the Raspberry Pies becomes necessary

The Internet of Hackable Things

The Internet of Things makes possible to connect each everyday object to the Internet, making computing pervasive like never before. From a security and privacy perspective, this tsunami of connectivity represents a disaster, which makes each object remotely hackable. We claim that, in order to tackle this issue, we need to address a new challenge in security: education