Risk management focusing on the best practices of data security systems for healthcare

Dias, Fábio Martins; Martens, Mauro Luiz; Monken, Sonia Francisca; Silva, Luciano Ferreira da; González, Ernesto D.R. Santibañez

doi:10.5585/iji.v9i1.18246

Cited by 7 publications

(10 citation statements)

References 40 publications

(173 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Another human factor-related mitigation strategy against cybersecurity attacks is password management. Access to computing resources and healthcare data should be restricted to users that have been authenticated through username and password (Bhuyan et al, 2020;Dias et al, 2021). It is not uncommon for end-users to use weak and easy-to-guess passwords.…”

Section: Cybersecurity Countermeasures and Mitigation Strategiesmentioning

confidence: 99%

“…It is not uncommon for end-users to use weak and easy-to-guess passwords. Hence, healthcare institutions should encourage, and when necessary, enforce the use of strong passwords by employees (Bhuyan et al, 2020;Dias et al, 2021). Some of the password security measures that could be incorporated into a holistic cybersecurity strategy include (Dias et al, 2021;Elhoseny et al, 2021;Jalali & Kaiser, 2018;Nunes et al, 2021):…”

Section: Cybersecurity Countermeasures and Mitigation Strategiesmentioning

confidence: 99%

“…Hence, it is vital that different components of IT infrastructures, including hardware and software, are adequately maintained and upgraded to ensure that cybercriminals do not exploit their weaknesses to gain access to healthcare data (Alodaynan & Alanazi, 2021;Elhoseny et al, 2021). IT infrastructure management can also entail vulnerability management, where the vulnerability of an institution to cyberattacks is regularly assessed and classified to determine their order of priority (Dias et al, 2021). Rather than reacting to cyberattacks, healthcare institutions can be proactive by implementing intrusion detection and prevention systems to monitor their networks for suspicious activities, generate alerts to them, and automatically launch the predefined countermeasure to a potential cyberattack (Elhoseny et al, 2021;Radoglou-Grammatikis et al, 2021).…”

Section: Cybersecurity Countermeasures and Mitigation Strategiesmentioning

confidence: 99%

“…Rather than reacting to cyberattacks, healthcare institutions can be proactive by implementing intrusion detection and prevention systems to monitor their networks for suspicious activities, generate alerts to them, and automatically launch the predefined countermeasure to a potential cyberattack (Elhoseny et al, 2021;Radoglou-Grammatikis et al, 2021). A risk management approach to cybersecurity countermeasures entails conducting cybersecurity risk assessments on the configuration of health data storage location, identification of areas of vulnerabilities and recording them on a risk register, determining the severity and impact of each risk, and the preferred order of implementation of protective measures for each risk (Abraham et al, 2019;Bhuyan et al, 2020;Dias et al, 2021).…”

Section: Cybersecurity Countermeasures and Mitigation Strategiesmentioning

confidence: 99%

“…Access management entails specifying who has access to which healthcare data, and at what level (Elhoseny et al, 2021). Effective access management can mitigate insider threats (Dias et al, 2021), reduce unnecessary exposure, and inadvertent disclosure of healthcare data by unsuspecting employees (Bhuyan et al, 2020;Dias et al, 2021).…”

Section: Cybersecurity Countermeasures and Mitigation Strategiesmentioning

confidence: 99%

See 4 more Smart Citations

A Systematic Literature Review on Cybersecurity Threats to Healthcare Data and Mitigation Strategies

Vilakazi,

Adebesin

EPiC Series in Computing

View full text Add to dashboard Cite

The incidence of cyberattacks on healthcare institutions has seen a steady increase over the years, with a massive increase of 42% in 2020. More specifically, INTERPOL reported a substantial increase in ransomware attacks on healthcare institutions at the height of the Covid-19 pandemic. This increase can be attributed to the rise in the adoption of digital technologies, such as the Medical Internet of Things (MIoT), to support healthcare services. The sensitive nature of healthcare data and the volume of data handled by healthcare institutions make them attractive to cybercriminals. When compared to financial data, healthcare data has more value on the dark web. Because a cyberattack on healthcare data could have far-reaching consequences, healthcare institutions should have effective strategies to safeguard unauthorized access. This paper presents the results of a systematic literature review (SLR) that investigated the strategies that can be used to mitigate cybersecurity threats to healthcare data. Forty-one research papers retrieved from three databases were analyzed based on specific inclusion/exclusion criteria. Synthesis of the sources yielded three main themes, namely, (i) emerging technology trends that contribute to cybersecurity vulnerability in the healthcare sector, (ii) current cybersecurity challenges in the healthcare sector, and (iii) cybersecurity countermeasures and mitigation strategies. The research results showed that a holistic approach that incorporates people, technology and adherence to regulations is required to mitigate cybersecurity threats in the healthcare sector. The study has implications for policymakers, vendors/designers of healthcare technologies, and healthcare institution managers.

show abstract

Section: Cybersecurity Countermeasures and Mitigation Strategiesmentioning

confidence: 99%