Cybersecurity in healthcare: A systematic review of modern threats and trends

Kruse, Clemens Scott; Frederick, Benjamin; Jacobson, Taylor; Monticone, D. Kyle

doi:10.3233/thc-161263

Cited by 274 publications

(196 citation statements)

References 11 publications

Supporting

Mentioning

186

Contrasting

Unclassified

Order By: Relevance

“…Luna et al [21] analysed 19 articles and Kruse et al [22] 31 articles concerning cyber threats in healthcare. The results of that studies show that healthcare industry lags behind in security and that current security systems in healthcare are insufficient in relation to capabilities of cyber criminals.…”

Section: Healthcare Data Securitymentioning

confidence: 99%

Measuring Cyber Security Awareness within Groups of Medical Professionals in Poland

Hyla¹,

Fabisiak²

2020

Proceedings of the Annual Hawaii International Conference on System Sciences

View full text Add to dashboard Cite

The goal of this study is to measure the cyber security awareness of medical professionals in Poland, i.e. to verify whether healthcare specialists have knowledge and understanding of basic cyber security threats. This survey was based on the cyber security recommendations from the European Union Agency for Network and Information Security and the U.S. Department of Health and Human Services. The survey consisted of 23 single and multiple-choice questions divided into four parts. The results categorized the respondents and measured the level of cyber security awareness. Among the 620 persons invited to participate in the survey, 300 (48.39%) responded and answered all of the questions. The results show a an unsatisfactory level of knowledge regarding information security in Poland. The main conclusion drawn from the survey is that the quality of cyber security training among medical professionals should be improved and frequency of the trainings should be increased.

show abstract

Section: Healthcare Data Securitymentioning

confidence: 99%

Measuring Cyber Security Awareness within Groups of Medical Professionals in Poland

Hyla¹,

Fabisiak²

2020

Proceedings of the Annual Hawaii International Conference on System Sciences

View full text Add to dashboard Cite

show abstract

“…The objective of cybersecurity education is to educate the users of technology on the potential risks they face when using internet communication tools, such as social media, chat, online gaming, email and instant messaging. Although there are many past research has been conducted on cyber security, in different areas, for example [13]- [19], less articles focused on the steps that need to be done particularly by schools in order to help cultivate cyber security awareness in detail. The objective of this paper is to discuss why it is so critical that modern learners are educated about the risks associated with being active in cyberspace, what factors hamper this education, and the importance of a cybersecurity curriculum that can be used by teachers in junior or primary schools, in the specific context of the Malaysian education system.…”

Section: Introductionmentioning

confidence: 99%

The Importance of Cybersecurity Education in School

Rahman¹,

Sairi²,

Zizi³

et al. 2020

IJIET

View full text Add to dashboard Cite

Despite the fact that the Internet has positively impacted people's lives, there are negative issues emerged related to the use of Internet. Cases like cyber-bully, online fraud, racial abuse, pornography and gambling had increased tremendously due to the lack of awareness and self-mechanism among Internet users to protect themselves from being victims to these acts. However, past research revealed that the level of awareness among Internet users is still low or moderate. One of the vital measures to be taken is to cultivate knowledge and awareness among Internet users from their early age, i.e., young children. Young children specifically, need to be educated to operate in a safe manner in cyberspace and to protect themselves in the process. The objective of this systematic review paper is to explore why it is so critical that modern learners are educated about the risks associated with being active in cyberspace and the strategies that stakeholders can use to promote cyber security education in schools. In this paper, few strategies are discussed as how cyber security education can be implemented in schools.

show abstract

“…Health information systems can empower the performance and maintenance of health services, but the processing and storage of highly sensitive data raises serious concerns regarding privacy and safety of patients [1]. e healthcare industry is a prime target for medical information theft due to the systematic unpreparedness in dealing with cyber threats menacing vital data [2]. ere is the need to increase the awareness and understanding that, in healthcare, the risk associated with patient data is not just about such data, but about patient care delivery, and potentially, even about the mental and physical health of the patient [3].…”

Section: Introductionmentioning

confidence: 99%

Assessing Access Control Risk for mHealth: A Delphi Study to Categorize Security of Health Data and Provide Risk Assessment for Mobile Apps

Moura

Fazendeiro

Inácio

et al. 2020

Journal of Healthcare Engineering

View full text Add to dashboard Cite

Background. Smartphones can tackle healthcare stakeholders’ diverse needs. Nonetheless, the risk of data disclosure/breach can be higher when using such devices, due to the lack of adequate security and the fact that a medical record has a significant higher financial value when compared with other records. Means to assess those risks are required for every mHealth application interaction, dependent and independent of its goals/content. Objective. To present a risk assessment feature integration into the SoTRAACE (Socio-Technical Risk-Adaptable Access Control) model, as well as the operationalization of the related mobile health decision policies. Methods. Since there is still a lack of a definition for health data security categorization, a Delphi study with security experts was performed for this purpose, to reflect the knowledge of security experts and to be closer to real-life situations and their associated risks. Results. The Delphi study allowed a consensus to be reached on eleven risk factors of information security related to mobile applications that can easily be adapted into the described SoTRAACE prototype. Within those risk factors, the most significant five, as assessed by the experts, and in descending order of risk level, are as follows: (1) security in the communication (e.g., used security protocols), (2) behavioural differences (e.g., different or outlier patterns of behaviour detected for a user), (3) type of wireless connection and respective encryption, (4) resource sensitivity, and (5) device threat level (e.g., known vulnerabilities associated to a device or its operating system). Conclusions. Building adaptable, risk-aware resilient access control models into the most generalized technology used nowadays (e.g., smartphones) is crucial to fulfil both the goals of users as well as security and privacy requirements for healthcare data.

show abstract

Cybersecurity in healthcare: A systematic review of modern threats and trends

Cited by 274 publications

References 11 publications

Measuring Cyber Security Awareness within Groups of Medical Professionals in Poland

Measuring Cyber Security Awareness within Groups of Medical Professionals in Poland

The Importance of Cybersecurity Education in School

Assessing Access Control Risk for mHealth: A Delphi Study to Categorize Security of Health Data and Provide Risk Assessment for Mobile Apps

Contact Info

Product

Resources

About