Integrated cybersecurity methodology and supporting tools for healthcare operational information systems

Bibliographic details
Main author: Coutinho, B.
Publication date: 2023
Other authors: Ferreira, J., Yevseyeva, I., Basto-Fernandes, V.
Document type: Article
Language: eng
Source title: Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
Full text: http://hdl.handle.net/10071/28661
Abstract: The recent increase in cybersecurity threats and cyberattacks impacts organizations at various levels, including business-critical processes, and compromises business continuation and organizations' survival. The cybersecurity of the healthcare sector, considered in many countries as critical national infrastructure, is addressed with particular interest and focus in this study. We propose an integrated cybersecurity methodology and supporting tools for healthcare operational information systems. The artifact named Cyber.SCuris is developed to complement cyber threat intelligence and incident response life cycle and standards such as NIST SP800. The proposed methodology and supporting tools are designed to operate in critical networks and medical contexts, to detect unexpected behavior and prevent cybersecurity breaches in areas as sensitive as the clinical process of healthcare institutions' operational information systems. We present a use-case-based demonstration scenario, integrating medical practice systems, such as a Picture Archiving and Communication System (Orthanc Server/ONIS Viewer software using the Digital Imaging and Communications in Medicine standard), a Security Information and Event Management system (Splunk software) and an Incident Handling and Resolution System (TheHive software), illustrating the adoption of the methodology and corresponding tools for incident response life cycle management in the context of cyberattacks on healthcare institutions' infrastructures. The methodology is adjustable, technology agnostic, and customizable to the integration of more and different systems, according to business/information systems processes and the maturity of healthcare institutions. This work benefited from organizational, technical and industry standards guidance and advice from a Portuguese university medical center.
id RCAP_a975ae2386f4f82886fdede581bc71ba
oai_identifier_str oai:repositorio.iscte-iul.pt:10071/28661
network_acronym_str RCAP
network_name_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository_id_str 7160
dc.contributor.author.fl_str_mv Coutinho, B.
Ferreira, J.
Yevseyeva, I.
Basto-Fernandes, V.
dc.subject.por.fl_str_mv Cybersecurity
Healthcare information system
Connected medical devices
Intrusion detection
Incident handling
Incident response
publishDate 2023
dc.date.none.fl_str_mv 2023-05-23T14:59:27Z
2023-01-01T00:00:00Z
2023
2023-05-23T15:59:11Z
dc.type.status.fl_str_mv info:eu-repo/semantics/publishedVersion
dc.type.driver.fl_str_mv info:eu-repo/semantics/article
format article
status_str publishedVersion
dc.identifier.uri.fl_str_mv http://hdl.handle.net/10071/28661
url http://hdl.handle.net/10071/28661
dc.language.iso.fl_str_mv eng
language eng
dc.relation.none.fl_str_mv 0167-4048
10.1016/j.cose.2023.103189
dc.rights.driver.fl_str_mv info:eu-repo/semantics/embargoedAccess
eu_rights_str_mv embargoedAccess
dc.format.none.fl_str_mv application/pdf
dc.publisher.none.fl_str_mv Elsevier
publisher.none.fl_str_mv Elsevier
dc.source.none.fl_str_mv reponame:Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
instname:Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron:RCAAP
instname_str Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
instacron_str RCAAP
institution RCAAP
reponame_str Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
collection Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos)
repository.name.fl_str_mv Repositório Científico de Acesso Aberto de Portugal (Repositórios Cientìficos) - Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação
repository.mail.fl_str_mv
_version_ 1799134839484448768