Integrated cybersecurity methodology and supporting tools for healthcare operational information systems
Main author: | Coutinho, B. |
---|---|
Publication date: | 2023 |
Other authors: | Ferreira, J.; Yevseyeva, I.; Basto-Fernandes, V. |
Document type: | Article |
Language: | eng |
Source title: | Repositório Científico de Acesso Aberto de Portugal (Repositórios Científicos) |
Full text: | http://hdl.handle.net/10071/28661 |
Abstract: | The recent increase in cybersecurity threats and cyberattacks impacts organizations at various levels, including business-critical processes, and compromises business continuation and organizations' survival. The cybersecurity of the healthcare sector, considered in many countries as critical national infrastructure, is addressed with particular interest and focus in this study. We propose an integrated cybersecurity methodology and supporting tools for healthcare operational information systems. The artifact named Cyber.SCuris is developed to complement cyber threat intelligence and incident response life cycle and standards such as NIST SP800. The proposed methodology and supporting tools are designed to operate in critical networks and medical contexts, to detect unexpected behavior and prevent cybersecurity breaches in areas as sensitive as the clinical process of healthcare institutions' operational information systems. We present a use-case-based demonstration scenario, integrating medical practice systems, such as a Picture Archiving and Communication System (Orthanc Server/ONIS Viewer software using the Digital Imaging and Communications in Medicine standard), a Security Information and Event Management system (Splunk software) and an Incident Handling and Resolution System (TheHive software), illustrating the adoption of the methodology and corresponding tools for incident response life cycle management in the context of cyberattacks on healthcare institutions' infrastructures. The methodology is adjustable, technology agnostic, and customizable to the integration of more and different systems, according to business/information systems processes and the maturity of healthcare institutions. This work benefited from organizational, technical and industry standards guidance and advice from a Portuguese university medical center. |
id | RCAP_a975ae2386f4f82886fdede581bc71ba |
---|---|
oai_identifier_str | oai:repositorio.iscte-iul.pt:10071/28661 |
network_acronym_str | RCAP |
network_name_str | Repositório Científico de Acesso Aberto de Portugal (Repositórios Científicos) |
repository_id_str | 7160 |
author | Coutinho, B. |
author2 | Ferreira, J.; Yevseyeva, I.; Basto-Fernandes, V. |
topic | Cybersecurity; Healthcare information system; Connected medical devices; Intrusion detection; Incident handling; Incident response |
publishDate | 2023 |
dc.date.none.fl_str_mv | 2023-05-23T14:59:27Z; 2023-01-01T00:00:00Z; 2023; 2023-05-23T15:59:11Z |
format | article |
status_str | publishedVersion |
url | http://hdl.handle.net/10071/28661 |
language | eng |
dc.relation.none.fl_str_mv | 0167-4048; 10.1016/j.cose.2023.103189 |
eu_rights_str_mv | embargoedAccess |
dc.format.none.fl_str_mv | application/pdf |
dc.publisher.none.fl_str_mv | Elsevier |
instname_str | Agência para a Sociedade do Conhecimento (UMIC) - FCT - Sociedade da Informação |
instacron_str | RCAAP |
reponame_str | Repositório Científico de Acesso Aberto de Portugal (Repositórios Científicos) |
_version_ | 1799134839484448768 |